CVE-2009-3556
CVSS v2.0
1.9 (Low)
EPSS
0.04 % (5th)
Affected Products
2
Advisories
1
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files.
Weaknesses
- CWE-264
- Permissions, Privileges, and Access Controls
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2010-01-27 17:30:00
(14 years ago) - Updated Date
-
2023-02-13 02:20:28
(19 months ago)
Affected Products
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...