CVE-2009-2695

EPSS 0.08% · P23 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-2695

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) interaction between the mmap_min_addr protection mechanism and certain application programs.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux Kernel mmap_min_addr低内存区空指针引用漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Red Hat Enterprise Linux 5.3的selinux-policy软件包提供了SELinux布尔值allow_unconfined_mmap_low，用于控制是否对在不受限制域(如unconfined_t或initrc_t)中所运行的进程应用mmap_min_addr限制。但allow_unconfined_mmap_low布

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-2695

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-2695

请登录查看更多情报信息。

http://twitter.com/spendergrsec/statuses/3303390960x_refsource_MISC
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=7c73875e7dda627040b12c19b01db634fa7f0fd1x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=788084aba2ab7348257597496befcbccabdc98a3x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c0d90103c7e0eb6e638e5b649e9f6d8d9c1b4b3x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=84336d1a77ccd2c06a730ddd38e695c2324a7386x_refsource_CONFIRM
http://danwalsh.livejournal.com/30084.htmlx_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d9959734a1949ea4f2427bd2d8b21ede6b2441cx_refsource_CONFIRM
http://kbase.redhat.com/faq/docs/DOC-18042x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=517830x_refsource_CONFIRM
http://patchwork.kernel.org/patch/36540/x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8cf948e744e0218af604c32edecde10006dc8e9ex_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc7x_refsource_CONFIRM
http://patchwork.kernel.org/patch/36539/x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ab5a91a8364c3d6fc617abc47cc81d162c01d90ax_refsource_CONFIRM
http://patchwork.kernel.org/patch/36649/x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=47d439e9fb8a81a90022cfa785bf1c36c4e2aff6x_refsource_CONFIRM
http://patchwork.kernel.org/patch/36650/x_refsource_CONFIRM
http://thread.gmane.org/gmane.linux.kernel.lsm/9075x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=a2551df7ec568d87793d2eea4ca744e86318f205x_refsource_CONFIRM
http://eparis.livejournal.com/606.htmlx_refsource_CONFIRM
http://secunia.com/advisories/38794third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36501third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/36051vdb-entryx_refsource_BID
http://secunia.com/advisories/37105third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/38834third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2010/dsa-2005vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-852-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0528vdb-entryx_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1548.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2009-1672.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2009-1540.htmlvendor-advisoryx_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.htmlvendor-advisoryx_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9882vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7144vdb-entrysignaturex_refsource_OVAL
http://www.openwall.com/lists/oss-security/2009/08/17/4mailing-listx_refsource_MLIST
http://lists.vmware.com/pipermail/security-announce/2010/000082.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2009-2695

Same Patch Batch · n/a · 2009-08-28 · 25 CVEs total

CVE-2008-7119		Webidsupport WeBid 'item.php'多个输入验证漏洞
CVE-2009-3008		christophe_thibault k-meleon 漏洞
CVE-2009-3007		Mozilla多个浏览器任意文件查看漏洞
CVE-2009-3006		Maxthon浏览器安全漏洞漏洞
CVE-2009-3005		lunascape 漏洞
CVE-2009-3004		avant_force avant_browser 漏洞
CVE-2009-3003		microsoft internet_explorer 漏洞
CVE-2009-3002		Linux Kernel .getname函数多个信息泄露漏洞
CVE-2009-3001		Linux Kernel 'net/llc/af_llc.c' 本地信息泄露漏洞
CVE-2009-3000		Sun Solaris 'sockfs' Kernel Module 远程拒绝服务漏洞
CVE-2008-7121		mrcgiguy hot_links_sql-php 跨站脚本攻击漏洞
CVE-2008-7120		Mrcgiguy Hot Links SQL-PHP 'news.php' SQL注入漏洞
CVE-2008-7107		ESET Smart Security 'easdrv.sys' 本地特权提升漏洞
CVE-2008-7118		Webidsupport WeBid多个输入验证漏洞
CVE-2008-7117		Webidsupport WeBid 'eledicss.php'多个输入验证漏洞
CVE-2008-7116		Webidsupport WeBid多个输入验证漏洞
CVE-2008-7115		Belkin F5D7632-4V6 Wireless G Router 多个身份认证绕过漏洞
CVE-2008-7114		Ifusionservices iFdate 'members_search.php' SQL注入漏洞
CVE-2008-7113		Kyocera Mita 扫描文件应用程序暴力破解漏洞
CVE-2008-7112		Kyocera Mita扫描文件应用程序拒绝服务漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-2695

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-2695

I. Basic Information for CVE-2009-2695

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-2695

III. Intelligence Information for CVE-2009-2695

Same Patch Batch · n/a · 2009-08-28 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-2695

Leave a comment