CVE-2009-1894

Related Files

Mandriva Linux Security Advisory 2009-171

Posted Jul 28, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-171 - Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link. This update provides fixes for this vulnerability.

tags | advisory, local, root

systems | linux, mandriva

advisories | CVE-2009-1894

SHA-256 | 849044bfba62baf25c7bf418a0814ff3799bad71d9160681d6e575fa4b939f3e

Download | Favorite | View

Debian Linux Security Advisory 1838-1

Posted Jul 20, 2009

Authored by Debian | Site debian.org

Debian Security Advisory 1838-1 - Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges.

tags | advisory, local

systems | linux, debian

advisories | CVE-2009-1894

SHA-256 | 45a80afc1cf274d6f81ee8a06edb00e8789a356accc2864d719d6ad7602ddbe6

Download | Favorite | View

PulseAudio Local Race Condition

Posted Jul 17, 2009

Authored by Yorick Koster | Site akitasecurity.nl

PulseAudio suffers from a local race condition privilege escalation vulnerability. Proof of concept exploit included.

tags | exploit, local, proof of concept

advisories | CVE-2009-1894

SHA-256 | 426a9d852cba8a790cc64c95d7415f44eccf93c747b639ad6f192ca0c06f2302

Download | Favorite | View

Mandriva Linux Security Advisory 2009-152

Posted Jul 17, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-152 - Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link. This update provides fixes for this vulnerability.

tags | advisory, local, root

systems | linux, mandriva

advisories | CVE-2009-1894

SHA-256 | efef538e5448dc71abb6142f0dac1a1ee4d7d0e7534491b4dea526851e048f60

Download | Favorite | View

Ubuntu Security Notice 804-1

Posted Jul 17, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-804-1 - Tavis Ormandy and Yorick Koster discovered that PulseAudio did not safely re-execute itself. A local attacker could exploit this to gain root privileges.

tags | advisory, local, root

systems | linux, ubuntu

advisories | CVE-2009-1894

SHA-256 | b8beb3fe604ec782db3bd384c85199c455906f54b4b92e94931ef02d23954d69

Download | Favorite | View

Gentoo Linux Security Advisory 200907-13

Posted Jul 17, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-13 - A vulnerability in PulseAudio may allow a local user to execute code with escalated privileges. Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that the pulseaudio binary is installed setuid root, and does not drop privileges before re-executing itself. The vulnerability has independently been reported to oCERT by Yorick Koster. Versions less than 0.9.9-r54 are affected.

tags | advisory, local, root

systems | linux, gentoo

advisories | CVE-2009-1894

SHA-256 | 0845b919b201ac150850dea798592c3e2d37064dc4f6d888379d713a2eda6d3d

Download | Favorite | View