Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-vweh-7dg6-vyhc
Summarykernel: uninit op in SOCKOPS_WRAP() leads to privesc
Aliases
0
alias CVE-2009-2692
Fixed_packages
Affected_packages
0
url pkg:rpm/redhat/kernel@2.4.21-60?arch=EL
purl pkg:rpm/redhat/kernel@2.4.21-60?arch=EL
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r72k-dsd5-mfe2
1
vulnerability VCID-vweh-7dg6-vyhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.4.21-60%3Farch=EL
1
url pkg:rpm/redhat/kernel@2.6.9-78.0.27?arch=EL
purl pkg:rpm/redhat/kernel@2.6.9-78.0.27?arch=EL
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-krzc-waw7-37aq
1
vulnerability VCID-r72k-dsd5-mfe2
2
vulnerability VCID-vweh-7dg6-vyhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.9-78.0.27%3Farch=EL
2
url pkg:rpm/redhat/kernel@2.6.9-89.0.9?arch=EL
purl pkg:rpm/redhat/kernel@2.6.9-89.0.9?arch=EL
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r72k-dsd5-mfe2
1
vulnerability VCID-vweh-7dg6-vyhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.9-89.0.9%3Farch=EL
3
url pkg:rpm/redhat/kernel@2.6.18-92.1.28?arch=el5
purl pkg:rpm/redhat/kernel@2.6.18-92.1.28?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-krzc-waw7-37aq
1
vulnerability VCID-r72k-dsd5-mfe2
2
vulnerability VCID-vweh-7dg6-vyhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-92.1.28%3Farch=el5
4
url pkg:rpm/redhat/kernel@2.6.18-128.7.1?arch=el5
purl pkg:rpm/redhat/kernel@2.6.18-128.7.1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r72k-dsd5-mfe2
1
vulnerability VCID-vweh-7dg6-vyhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-128.7.1%3Farch=el5
5
url pkg:rpm/redhat/kernel-rt@2.6.24.7-132?arch=el5rt
purl pkg:rpm/redhat/kernel-rt@2.6.24.7-132?arch=el5rt
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-269b-atbn-e7er
1
vulnerability VCID-ee8e-pr3y-p3hh
2
vulnerability VCID-vweh-7dg6-vyhc
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel-rt@2.6.24.7-132%3Farch=el5rt
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2692.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2692
reference_id
reference_type
scores
0
value 0.16018
scoring_system epss
scoring_elements 0.94743
published_at 2026-04-01T12:55:00Z
1
value 0.16018
scoring_system epss
scoring_elements 0.94753
published_at 2026-04-02T12:55:00Z
2
value 0.16018
scoring_system epss
scoring_elements 0.94756
published_at 2026-04-04T12:55:00Z
3
value 0.17136
scoring_system epss
scoring_elements 0.94984
published_at 2026-04-07T12:55:00Z
4
value 0.17556
scoring_system epss
scoring_elements 0.95074
published_at 2026-04-08T12:55:00Z
5
value 0.17556
scoring_system epss
scoring_elements 0.95077
published_at 2026-04-09T12:55:00Z
6
value 0.17556
scoring_system epss
scoring_elements 0.95083
published_at 2026-04-11T12:55:00Z
7
value 0.17556
scoring_system epss
scoring_elements 0.95084
published_at 2026-04-12T12:55:00Z
8
value 0.17556
scoring_system epss
scoring_elements 0.95087
published_at 2026-04-13T12:55:00Z
9
value 0.17556
scoring_system epss
scoring_elements 0.95096
published_at 2026-04-16T12:55:00Z
10
value 0.17556
scoring_system epss
scoring_elements 0.95099
published_at 2026-04-18T12:55:00Z
11
value 0.17556
scoring_system epss
scoring_elements 0.95102
published_at 2026-04-24T12:55:00Z
12
value 0.17556
scoring_system epss
scoring_elements 0.95104
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2692
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=516949
reference_id 516949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=516949
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/android/local/9477.txt
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/android/local/9477.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/19933.rb
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/19933.rb
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9435.txt
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9435.txt
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9436.txt
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9436.txt
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9479.c
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9479.c
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9545.c
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9545.c
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9598.txt
reference_id CVE-2009-2692;OSVDB-56992
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9598.txt
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9641.txt
reference_id OSVDB-56992;CVE-2009-2692
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/9641.txt
11
reference_url https://access.redhat.com/errata/RHSA-2009:1222
reference_id RHSA-2009:1222
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1222
12
reference_url https://access.redhat.com/errata/RHSA-2009:1223
reference_id RHSA-2009:1223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1223
13
reference_url https://access.redhat.com/errata/RHSA-2009:1233
reference_id RHSA-2009:1233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1233
14
reference_url https://access.redhat.com/errata/RHSA-2009:1239
reference_id RHSA-2009:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1239
15
reference_url https://access.redhat.com/errata/RHSA-2009:1457
reference_id RHSA-2009:1457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1457
16
reference_url https://access.redhat.com/errata/RHSA-2009:1469
reference_id RHSA-2009:1469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1469
17
reference_url https://usn.ubuntu.com/819-1/
reference_id USN-819-1
reference_type
scores
url https://usn.ubuntu.com/819-1/
Weaknesses
0
cwe_id 456
name Missing Initialization of a Variable
description The product does not initialize critical variables, which causes the execution environment to use unexpected values.
1
cwe_id 476
name NULL Pointer Dereference
description A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Exploits
0
date_added 2009-08-13
description Linux Kernel 2.x - 'sock_sendpage()' Local Privilege Escalation (4)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2009-08-14
exploit_type local
platform linux
source_date_updated 2017-07-14
data_source Exploit-DB
source_url
1
date_added null
description 
The Linux kernel failed to properly initialize some entries in the
          proto_ops struct for several protocols, leading to NULL being
          dereferenced and used as a function pointer. By using mmap(2) to map
          page 0, an attacker can execute arbitrary code in the context of the
          kernel.

          Several public exploits exist for this vulnerability, including
          spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c.

          All Linux 2.4/2.6 versions since May 2001 are believed to be affected:
          2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4

          This module has been tested successfully on CentOS 5.0 (i386) with
          kernel version 2.6.18-8.1.1.tl5; and Debian 3.1r8 Sarge (i686) with
          kernel version 2.4.27-3-386.
required_action null
due_date null
notes 
Reliability:
  - repeatable-session
SideEffects: []
Stability:
  - crash-os-down
AKA:
  - EXACTCHANGE
known_ransomware_campaign_use false
source_date_published 2009-08-13
exploit_type null
platform Linux
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/local/sock_sendpage.rb
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.2
Risk_score0.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-vweh-7dg6-vyhc