CVE-2009-3725 | Vulnerability Database | Aqua Security

The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	*	2.6.31.5 (excluding)
Linux	Ubuntu	hardy	*
Linux	Ubuntu	intrepid	*
Linux	Ubuntu	jaunty	*
Linux	Ubuntu	karmic	*
Linux	Ubuntu	upstream	*

References

http://marc.info/?l=linux-kernel\u0026m=125449888416314\u0026w=2
http://marc.info/?l=oss-security\u0026m=125715484511380\u0026w=2
http://marc.info/?l=oss-security\u0026m=125716192622235\u0026w=2
http://patchwork.kernel.org/patch/51382/
http://patchwork.kernel.org/patch/51383/
http://patchwork.kernel.org/patch/51384/
http://patchwork.kernel.org/patch/51387/
http://secunia.com/advisories/37113
http://secunia.com/advisories/38905
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5
http://www.securityfocus.com/bid/36834
http://www.ubuntu.com/usn/usn-864-1
http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-3725
CWE	https://cwe.mitre.org/data/definitions/264.html