CVE-2009-1072

CVE Database · CVE-2009-1072

CVE-2009-1072

· N/AModified

CVSS v3.1

N/A

EPSS

0.43%

Published

Mar 24, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.

Weaknesses (CWE)

CWE-16

Affected Products (22)

linux · linux_kernel (up to 2.6.28.9)vulnerable

opensuse · opensusevulnerable

suse · linux_enterprise_desktopvulnerable

suse · linux_enterprise_servervulnerable

debian · debian_linuxvulnerable

canonical · ubuntu_linuxvulnerable