CVE-2009-3939

HIGH

Linux kernel <2.6.31.6 - Local Privilege Escalation

Title source: llm

Description

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

References (23)

... and 3 more

Scores

CVSS v3 7.1
EPSS 0.0004
EPSS Percentile 13.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Classification

CWE
CWE-732
Status draft

Affected Products (29)

linux/linux_kernel < 2.6.31.6
redhat/virtualization
redhat/enterprise_linux_desktop
redhat/enterprise_linux_eus
redhat/enterprise_linux_server
redhat/enterprise_linux_workstation
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
debian/debian_linux
avaya/aura_application_enablement_services
avaya/aura_application_enablement_services
avaya/aura_communication_manager
... and 14 more

Timeline

Published Nov 16, 2009
Tracked Since Feb 18, 2026