CVE-2009-1883 in Ubuntu

CVE-2009-1883

Priority

Low

Description

The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux
kernel 2.6.9 does not perform a capability check for the Z90QUIESCE
operation, which allows local users to leverage euid 0 privileges to force
a driver outage.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1883
http://www.ubuntu.com/usn/usn-852-1

Bugs

https://bugzilla.redhat.com/show_bug.cgi?id=505983

Package

Source: linux-source-2.6.15 (LP Ubuntu Debian)

Upstream:	needed
Ubuntu 8.04 LTS (Hardy Heron):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	not-affected
Ubuntu 8.04 LTS (Hardy Heron):	not-affected

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2012-06-01 15:19:54 UTC (commit 5347)