Unrated severityNVD Advisory· Published Aug 14, 2009· Updated Apr 23, 2026

CVE-2009-2691

Description

The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.

Affected products

Linux/Kernel10 versions
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.30.4
- cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.30:rc7-git6:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lkml.org/lkml/2009/6/23/653nvdPatch
marc.infonvdPatch
marc.infonvdPatch
secunia.com/advisories/36265nvdVendor Advisory
www.vupen.com/english/advisories/2009/2246nvdVendor Advisory
lkml.org/lkml/2009/6/23/652nvd
secunia.com/advisories/36501nvd
www.debian.org/security/2010/dsa-2005nvd
www.openwall.com/lists/oss-security/2009/08/11/1nvd
www.securityfocus.com/bid/36019nvd
bugzilla.redhat.com/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/52401nvd
rhn.redhat.com/errata/RHSA-2009-1540.htmlnvd
www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000