CVE-2009-2407
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2009-2407 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG did not include support for eCryptfs, and therefore are not affected by this issue.
Red Hat Enterprise Linux 5 was vulnerable to this issue and was addressed via: https://rhn.redhat.com/errata/RHSA-2009-1193.html
CVSS v2 metrics
| Base Score | 7.2 |
|---|---|
| Base Metrics | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 5 (kernel) | RHSA-2009:1193 | 2009-08-04 |
| Red Hat Enterprise Linux EUS (v. 5.3 server) (kernel) | RHSA-2009:1193 | 2009-08-04 |
Acknowledgements
Red Hat would like to thank Ramon de C. Valle for reporting this issue.CVE description copyright © 2017, The MITRE Corporation
