CVE-2009-1894

Published: Jul 17, 2009Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.

Affected (3)

Products: Pulseaudio: Pulseaudio

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Pulseaudio Pulseaudio	Version 0.9.10
Pulseaudio Pulseaudio	Version 0.9.14
Pulseaudio Pulseaudio	Version 0.9.9

Related CWEs

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (32)

http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html

Source: secalert@redhat.com

http://secunia.com/advisories/35868

Source: secalert@redhat.com

http://secunia.com/advisories/35886

Source: secalert@redhat.com

http://secunia.com/advisories/35896

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-200907-13.xml

Source: secalert@redhat.com

http://taviso.decsystem.org/research.html

Source: secalert@redhat.com

http://www.akitasecurity.nl/advisory.php?id=AK20090602

Source: secalert@redhat.com

http://www.debian.org/security/2009/dsa-1838

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2009:152

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2009:171

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/505052/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/35721

Source: secalert@redhat.com

ExploitPatch

http://www.ubuntu.com/usn/usn-804-1

Source: secalert@redhat.com

https://admin.fedoraproject.org/updates/pulseaudio-0.9.10-1.el5.2

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=510071

Source: secalert@redhat.com

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/51804

Source: secalert@redhat.com

http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35868

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35886

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35896

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200907-13.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://taviso.decsystem.org/research.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.akitasecurity.nl/advisory.php?id=AK20090602

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1838

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2009:152

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2009:171

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/505052/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35721

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.ubuntu.com/usn/usn-804-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://admin.fedoraproject.org/updates/pulseaudio-0.9.10-1.el5.2

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=510071

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/51804

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.