CVE Database · CVE-2009-1630
CVSS v3.1
N/A
EPSS
0.48%
Published
May 14, 2009
Modified
Apr 22, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.
Weaknesses (CWE)
Affected Products (13)
References (20)
