VulnerableCode Vulnerability Details - VCID-r72k-dsd5-mfe2

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-r72k-dsd5-mfe2

Essentials
Severities (14)
References (12)
Severity details (0)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-r72k-dsd5-mfe2
Aliases	CVE-2009-2698
Summary	kernel: udp socket NULL ptr dereference
Status	Published
Exploitability	2.0
Weighted Severity	0.3
Risk	0.6
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-476

NULL Pointer Dereference

System	Score	Found at
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.26117	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.27606	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.27606	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.27606	https://api.first.org/data/v1/epss?cve=CVE-2009-2698
epss	0.29406	https://api.first.org/data/v1/epss?cve=CVE-2009-2698

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2698.json
		https://api.first.org/data/v1/epss?cve=CVE-2009-2698
518034		https://bugzilla.redhat.com/show_bug.cgi?id=518034
CVE-2009-2698	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9574.txt
CVE-2009-2698	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/local/9542.c
OSVDB-57462;CVE-2009-2698	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9575.c
RHSA-2009:1222		https://access.redhat.com/errata/RHSA-2009:1222
RHSA-2009:1223		https://access.redhat.com/errata/RHSA-2009:1223
RHSA-2009:1233		https://access.redhat.com/errata/RHSA-2009:1233
RHSA-2009:1457		https://access.redhat.com/errata/RHSA-2009:1457
RHSA-2009:1469		https://access.redhat.com/errata/RHSA-2009:1469
USN-852-1		https://usn.ubuntu.com/852-1/

Data source	Exploit-DB
Date added	Aug. 30, 2009
Description	Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
Ransomware campaign use	Known
Source publication date	Aug. 31, 2009
Exploit type	local
Platform	linux_x86
Source update date	Sept. 21, 2016

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.96278
EPSS Score	0.26117
Published At	April 8, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T14:57:55.798090+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2698.json	38.0.0