CVE-2009-2793
Published Sep 18, 2009
Last updated 6 years ago
Overview
- Description
- The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABB5BE84-628A-4845-92C7-E20ADEE7E904",
"versionEndIncluding": "5.0.1"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "555181C9-75B1-427B-BF36-47C7D969DCC5"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAC89BD6-8376-4C8D-A120-1430D8CA113F"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49AF042F-5047-4FA2-B20C-65B2C6EBEA5C"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363"
}
],
"operator": "OR"
}
]
}
]