CVE-2009-1072 (debian_linux, esx, linux_enterprise_desktop, linux_enterprise_server, linux_kernel, opensuse, server, ubuntu_linux, vcenter, virtualcenter, vma)

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.

View Full Alert

Leave a Reply