Unrated severityNVD Advisory· Published Oct 1, 2009· Updated Jun 16, 2026
CVE-2009-2904
CVE-2009-2904
Description
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
11- rhn.redhat.com/errata/RHSA-2009-1470.htmlnvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.htmlnvd
- lists.vmware.com/pipermail/security-announce/2010/000082.htmlnvd
- osvdb.org/58495nvd
- secunia.com/advisories/38794nvd
- secunia.com/advisories/38834nvd
- secunia.com/advisories/39182nvd
- www.securityfocus.com/bid/36552nvd
- www.vupen.com/english/advisories/2010/0528nvd
- bugzilla.redhat.com/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9862nvd
News mentions
0No linked articles in our index yet.