CVE-2009-1072

CVE-2009-1072 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:C/A:N

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.