1. Home
  2. Vulnerabilities
  3. CVE-2009-3939

CVE-2009-3939

CVSS v3.1 7.1 (High)
71% Progress
CVSS v2.0 6.6 (Medium)
66% Progress
EPSS 0.04 % (13th)
0.04% Progress
Affected Products 18
Advisories 2
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

Weaknesses
CWE-732
Incorrect Permission Assignment for Critical Resource
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2009-11-16 19:30:01
(15 years ago)
Updated Date
2024-01-25 21:37:47
(7 months ago)

Affected Products

Avaya

Canonical

Debian

Linux

Opensuse

Redhat

Suse

Configuration #1

    CPE23 From Up To
  Linux Kernel 2.6.31.6 and prior versions cpe:2.3:o:linux:linux_kernel <= 2.6.31.6

Configuration #2

    CPE23 From Up To
  Redhat Virtualization 5 cpe:2.3:a:redhat:virtualization:5
  Redhat Enterprise Linux Desktop 5.0 cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
  Redhat Enterprise Linux Eus 5.4 cpe:2.3:o:redhat:enterprise_linux_eus:5.4
  Redhat Enterprise Linux Server 5.0 cpe:2.3:o:redhat:enterprise_linux_server:5.0
  Redhat Enterprise Linux Workstation 5.0 cpe:2.3:o:redhat:enterprise_linux_workstation:5.0

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 6.06 cpe:2.3:o:canonical:ubuntu_linux:6.06
  Canonical Ubuntu Linux 8.04 cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-
  Canonical Ubuntu Linux 8.10 cpe:2.3:o:canonical:ubuntu_linux:8.10
  Canonical Ubuntu Linux 9.04 cpe:2.3:o:canonical:ubuntu_linux:9.04
  Canonical Ubuntu Linux 9.10 cpe:2.3:o:canonical:ubuntu_linux:9.10

Configuration #4

    CPE23 From Up To
  Debian Linux 5.0 cpe:2.3:o:debian:debian_linux:5.0

Configuration #5

    CPE23 From Up To
  Avaya Aura Application Enablement Services 5.2 cpe:2.3:a:avaya:aura_application_enablement_services:5.2
  Avaya Aura Application Enablement Services 5.2.1 cpe:2.3:a:avaya:aura_application_enablement_services:5.2.1
  Avaya Aura Communication Manager 5.2 cpe:2.3:a:avaya:aura_communication_manager:5.2
  Avaya Aura Session Manager 1.1 cpe:2.3:a:avaya:aura_session_manager:1.1
  Avaya Aura Session Manager 5.2 cpe:2.3:a:avaya:aura_session_manager:5.2
  Avaya Aura Sip Enablement Services 5.2 cpe:2.3:a:avaya:aura_sip_enablement_services:5.2
  Avaya Aura System Manager 5.2 cpe:2.3:a:avaya:aura_system_manager:5.2
  Avaya Aura System Manager 6.0 cpe:2.3:a:avaya:aura_system_manager:6.0
  Avaya Aura System Platform 1.1 cpe:2.3:a:avaya:aura_system_platform:1.1
  Avaya Voice Portal 5.0 cpe:2.3:a:avaya:voice_portal:5.0

Configuration #6

    CPE23 From Up To
  Opensuse 11.0 cpe:2.3:o:opensuse:opensuse:11.0
  Opensuse 11.1 cpe:2.3:o:opensuse:opensuse:11.1
  Opensuse 11.2 cpe:2.3:o:opensuse:opensuse:11.2
  Suse Linux Enterprise Desktop 10 SP3 cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3
  Suse Linux Enterprise Desktop 11 cpe:2.3:o:suse:linux_enterprise_desktop:11:-
  Suse Linux Enterprise Server 10 SP3 cpe:2.3:o:suse:linux_enterprise_server:10:sp3
  Suse Linux Enterprise Server 11 cpe:2.3:o:suse:linux_enterprise_server:11:-