VDB
CVE-2009-3889
CVE-2009-3889
PUBLISHED
CVSS 6.599999904632568 MEDIUM
The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file.
EPSS 0.10% · 27.3th percentile
Risk Scores
CVSS 2.0
6.599999904632568
EPSS Score
0.10%
27.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 2.6.16.48, 0, 2.6.1 |
| n/a | n/a | n/a |
Exploit Intelligence
- oval:org.mitre.oval:def:11018 (circl)
- SUSE-SA:2009:064 (circl)
- USN-864-1 (circl)
- [oss-security] 20091113 Re: CVE request: kernel: bad permissions on megaraid_sas sysfs files (circl)
- 37019 (circl)
- http://support.avaya.com/css/P8/documents/100073666 (circl)
- 37909 (circl)
- 60202 (circl)
- SUSE-SA:2009:061 (circl)
- DSA-2005 (circl)
…and 8 more exploits
Timeline
- Nov 16, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
References
- SUSE-SA:2009:061 vendor-advisory
- USN-864-1 vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=526068 url
- [oss-security] 20091113 Re: CVE request: kernel: bad permissions on megaraid_sas sysfs files mailing-list
- 37019 vdb
- http://support.avaya.com/css/P8/documents/100073666 url
- 37909 third-party-advisory
- 60202 vdb
- oval:org.mitre.oval:def:11018 vdb
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66dca9b8c50b5e59d3bea8b21cee5c6dae6c9c46 url
- SUSE-SA:2009:064 vendor-advisory
- [oss-security] 20091113 CVE request: kernel: bad permissions on megaraid_sas sysfs files mailing-list
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27 url
- SUSE-SA:2010:013 vendor-advisory
- RHSA-2010:0095 vendor-advisory
- oval:org.mitre.oval:def:7163 vdb
- RHSA-2010:0046 vendor-advisory
- DSA-2005 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2009-3889 advisory
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=66dca9b8c50b5e59d3bea8b21cee5c6dae6c9c46 url