Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6maj-yfz2-p7h3

Summary kernel: create_elf_tables can leave urandom in a bad state

Aliases

alias	CVE-2009-4141

Fixed_packages

Affected_packages

url pkg:rpm/redhat/kernel@2.6.18-128.14.1?arch=el5

purl pkg:rpm/redhat/kernel@2.6.18-128.14.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6maj-yfz2-p7h3

vulnerability	VCID-msn3-mmwj-dked

vulnerability	VCID-pwta-vnfw-tfhp

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-128.14.1%3Farch=el5

url pkg:rpm/redhat/kernel@2.6.18-164.11.1?arch=el5

purl pkg:rpm/redhat/kernel@2.6.18-164.11.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6maj-yfz2-p7h3

vulnerability	VCID-7xqe-cvcu-cqeu

vulnerability	VCID-bzck-use4-7ygm

vulnerability	VCID-c7vw-3qbq-wubw

vulnerability	VCID-d3sv-sfxz-jyg8

vulnerability	VCID-djq9-mejy-b7ah

vulnerability	VCID-fcjb-4n2a-auh4

vulnerability	VCID-h61x-6rtm-w7b3

vulnerability	VCID-k6jn-xb74-kyex

vulnerability	VCID-mwme-pa6q-q7d4

vulnerability	VCID-zha6-q3tu-p7cs

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-164.11.1%3Farch=el5

url pkg:rpm/redhat/kernel-rt@2.6.24.7-149?arch=el5rt

purl pkg:rpm/redhat/kernel-rt@2.6.24.7-149?arch=el5rt

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ap5-r7r1-nud8

vulnerability	VCID-2jb7-c47x-fyh5

vulnerability	VCID-6maj-yfz2-p7h3

vulnerability	VCID-arhf-b84c-6kb7

vulnerability	VCID-g3ad-ywbt-pfcv

vulnerability	VCID-msn3-mmwj-dked

vulnerability	VCID-nc9h-dj44-j3bj

vulnerability	VCID-wcj6-5pu2-n7gx

vulnerability	VCID-xbsh-hqkt-duf4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel-rt@2.6.24.7-149%3Farch=el5rt

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4141.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4141.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4141

reference_id

reference_type

scores

value	0.00109
scoring_system	epss
scoring_elements	0.28852
published_at	2026-04-29T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29156
published_at	2026-04-21T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29035
published_at	2026-04-24T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.28924
published_at	2026-04-26T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29188
published_at	2026-04-07T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29253
published_at	2026-04-08T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29293
published_at	2026-04-09T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29298
published_at	2026-04-11T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29252
published_at	2026-04-12T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29199
published_at	2026-04-13T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29226
published_at	2026-04-16T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29201
published_at	2026-04-18T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30388
published_at	2026-04-02T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30433
published_at	2026-04-04T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30358
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4141

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=547906
reference_id	547906
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=547906

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/33523.c
reference_id	CVE-2009-4141;OSVDB-61687
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/33523.c

reference_url	https://www.securityfocus.com/bid/37806/info
reference_id	CVE-2009-4141;OSVDB-61687
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/37806/info

reference_url	https://access.redhat.com/errata/RHSA-2010:0046
reference_id	RHSA-2010:0046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0046

reference_url	https://access.redhat.com/errata/RHSA-2010:0149
reference_id	RHSA-2010:0149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0149

reference_url	https://access.redhat.com/errata/RHSA-2010:0161
reference_id	RHSA-2010:0161
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0161

reference_url	https://usn.ubuntu.com/894-1/
reference_id	USN-894-1
reference_type
scores
url	https://usn.ubuntu.com/894-1/

Weaknesses

cwe_id	672
name	Operation on a Resource after Expiration or Release
description	The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

date_added	2009-12-16
description	Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2009-12-16
exploit_type	local
platform	linux
source_date_updated	2014-05-27
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/37806/info

Severity_range_score null

Exploitability 2.0

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6maj-yfz2-p7h3

Vulnerability Instance