CVE-2009-2698

HIGH EXPLOITED

Linux Kernel <2.6.19 - Privilege Escalation

Title source: llm

Description

The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.

Exploits (4)

exploitdb WORKING POC VERIFIED

by spender · textlocallinux

https://www.exploit-db.com/exploits/9574

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Andi · clocallinux

https://www.exploit-db.com/exploits/9575

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by INetCop Security · clocallinux_x86

https://www.exploit-db.com/exploits/9542

View Code ZIP pw:eip

nomisec WORKING POC 28 stars

by xiaoxiaoleo · poc

https://github.com/xiaoxiaoleo/CVE-2009-2698

View Code ZIP pw:eip

References (26)

[Broken Link] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1e0c14f49d6b393179f423abbac47f85618d3d46

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00008.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2009-1222.html

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2009-1223.html

[Broken Link, Vendor Advisory] http://secunia.com/advisories/23073

[Broken Link, Vendor Advisory] http://secunia.com/advisories/36430

[Broken Link, Vendor Advisory] http://secunia.com/advisories/36510

[Broken Link, Vendor Advisory] http://secunia.com/advisories/37105

[Broken Link, Vendor Advisory] http://secunia.com/advisories/37298

[Broken Link, Vendor Advisory] http://secunia.com/advisories/37471

[Third Party Advisory] http://support.avaya.com/css/P8/documents/100067254

[Broken Link, Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19

[Broken Link, Third Party Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2011:051

[Mailing List] http://www.openwall.com/lists/oss-security/2009/08/25/1

[Broken Link, Third Party Advisory] http://www.redhat.com/support/errata/RHSA-2009-1233.html

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/507985/100/0/threaded

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/512019/100/0/threaded

[Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/36108

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1022761

[Third Party Advisory] http://www.ubuntu.com/usn/USN-852-1

... and 6 more

Scores

CVSS v3 7.8

EPSS 0.2612

EPSS Percentile 96.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2026-02-09

CWE

CWE-476

Status published

Products (20)

canonical/ubuntu_linux 6.06

canonical/ubuntu_linux 8.04

canonical/ubuntu_linux 8.10

canonical/ubuntu_linux 9.04

fedoraproject/fedora 10

linux/linux_kernel < 2.6.19

redhat/enterprise_linux_desktop 4.0

redhat/enterprise_linux_desktop 5.0

redhat/enterprise_linux_eus 4.8

redhat/enterprise_linux_eus 5.3

... and 10 more

Published Aug 27, 2009

Tracked Since Feb 18, 2026