CVE-2009-3002

Public Exploit

Description

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.

CVSS 2.0 score: 4.9 (Severity: Medium)
EPSS: 0.40%
Vendor advisories: redhat.com, ubuntu.com, opensuse.org, kernel.org
Affected: n/a

References

Link | Tags
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc7 | vendor advisory
http://www.securityfocus.com/archive/1/512019/100/0/threaded | mailing list, vdb entry, third party advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11611 | vdb entry, third party advisory, signature
https://rhn.redhat.com/errata/RHSA-2009-1540.html | third party advisory, vendor advisory
http://www.ubuntu.com/usn/USN-852-1 | third party advisory, vendor advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3d392475c873c10c10d6d96b94d092a34ebd4791
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17ac2e9c58b69a1e25460a568eae1b0dc0188c25
https://bugzilla.redhat.com/show_bug.cgi?id=519305 | issue tracking, exploit, third party advisory
http://secunia.com/advisories/37351 | third party advisory
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html | mailing list, third party advisory, vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html | mailing list, third party advisory, vendor advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f6b97b29513950bfbf621a83d85b6f86b39ec8db
http://www.securityfocus.com/bid/36150 | exploit, vdb entry, third party advisory
http://www.openwall.com/lists/oss-security/2009/08/27/1 | third party advisory, mailing list
https://rhn.redhat.com/errata/RHSA-2009-1550.html | third party advisory, vendor advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11741 | vdb entry, third party advisory, signature
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=80922bbb12a105f858a8f0abb879cb4302d0ecaa
http://secunia.com/advisories/36438 | third party advisory
http://www.exploit-db.com/exploits/9521 | exploit, vdb entry, third party advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e84b90ae5eb3c112d1f208964df1d8156a538289
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html | mailing list, third party advisory, vendor advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=09384dfc76e526c3993c09c42e016372dc9dd22c
http://secunia.com/advisories/37105 | third party advisory
http://www.openwall.com/lists/oss-security/2009/08/27/2 | third party advisory, mailing list

Frequently Asked Questions

What is the severity of CVE-2009-3002?
CVE-2009-3002 has been scored as a medium severity vulnerability.
How to fix CVE-2009-3002?
To fix CVE-2009-3002, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. For now, no other specific guidelines are available.
Is CVE-2009-3002 being actively exploited in the wild?
It is possible that CVE-2009-3002 is being exploited or will be exploited in the near future, based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.