CVE-2009-1630
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
14/05/2009
Last modified:
09/04/2025
Description
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.
Impact
Base Score 2.0
4.40
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.29.3 (including) | |
| cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* | ||
| cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:* | ||
| cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* | ||
| cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:* | ||
| cpe:2.3:o:vmware:esx:2.5.5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://article.gmane.org/gmane.linux.nfs/26592
- http://bugzilla.linux-nfs.org/show_bug.cgi?id=131
- http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html
- http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html
- http://secunia.com/advisories/35106
- http://secunia.com/advisories/35298
- http://secunia.com/advisories/35394
- http://secunia.com/advisories/35656
- http://secunia.com/advisories/35847
- http://secunia.com/advisories/36051
- http://secunia.com/advisories/36327
- http://secunia.com/advisories/37471
- http://wiki.rpath.com/Advisories:rPSA-2009-0111
- http://www.debian.org/security/2009/dsa-1809
- http://www.debian.org/security/2009/dsa-1844
- http://www.debian.org/security/2009/dsa-1865
- http://www.mandriva.com/security/advisories?name=MDVSA-2009%3A135
- http://www.mandriva.com/security/advisories?name=MDVSA-2009%3A148
- http://www.openwall.com/lists/oss-security/2009/05/13/2
- http://www.redhat.com/support/errata/RHSA-2009-1157.html
- http://www.securityfocus.com/archive/1/505254/100/0/threaded
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34934
- http://www.ubuntu.com/usn/usn-793-1
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1331
- http://www.vupen.com/english/advisories/2009/3316
- https://bugzilla.redhat.com/show_bug.cgi?id=500297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990
- http://article.gmane.org/gmane.linux.nfs/26592
- http://bugzilla.linux-nfs.org/show_bug.cgi?id=131
- http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html
- http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html
- http://secunia.com/advisories/35106
- http://secunia.com/advisories/35298
- http://secunia.com/advisories/35394
- http://secunia.com/advisories/35656
- http://secunia.com/advisories/35847
- http://secunia.com/advisories/36051
- http://secunia.com/advisories/36327
- http://secunia.com/advisories/37471
- http://wiki.rpath.com/Advisories:rPSA-2009-0111
- http://www.debian.org/security/2009/dsa-1809
- http://www.debian.org/security/2009/dsa-1844
- http://www.debian.org/security/2009/dsa-1865
- http://www.mandriva.com/security/advisories?name=MDVSA-2009%3A135
- http://www.mandriva.com/security/advisories?name=MDVSA-2009%3A148
- http://www.openwall.com/lists/oss-security/2009/05/13/2
- http://www.redhat.com/support/errata/RHSA-2009-1157.html
- http://www.securityfocus.com/archive/1/505254/100/0/threaded
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34934
- http://www.ubuntu.com/usn/usn-793-1
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1331
- http://www.vupen.com/english/advisories/2009/3316
- https://bugzilla.redhat.com/show_bug.cgi?id=500297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990