CVE-2009-1337


Severity : Medium
Published : 2009-04-22
Modified : 2012-03-19
Base Score : 4.4
Details : The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Product/Version : Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
Professional PRO 5.0  
Professional PRO 5.0  
CGE 5.x  
Mobilinux 5.x  
 
 
 


CVE Vulnerabilities List CVE-2009