CVE-2008-1675
5.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
45.0%
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.
References
marc.info/?l=linux-kernel&m=120949204519706&w=2
marc.info/?l=linux-kernel&m=120949204619718&w=2
marc.info/?l=linux-kernel&m=120949582428998&w=2
secunia.com/advisories/30017
secunia.com/advisories/30044
secunia.com/advisories/30260
secunia.com/advisories/30515
wiki.rpath.com/Advisories:rPSA-2008-0157
wiki.rpath.com/wiki/Advisories:rPSA-2008-0157
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
www.mandriva.com/security/advisories?name=MDVSA-2008:109
www.mandriva.com/security/advisories?name=MDVSA-2008:167
www.securityfocus.com/archive/1/491566/100/0/threaded
www.securityfocus.com/archive/1/491732/100/0/threaded
www.securityfocus.com/bid/29014
www.securitytracker.com/id?1019960
www.vupen.com/english/advisories/2008/1406/references
exchange.xforce.ibmcloud.com/vulnerabilities/42132
issues.rpath.com/browse/RPL-2501
usn.ubuntu.com/614-1/
www.redhat.com/archives/fedora-package-announce/2008-May/msg00232.html
Related
5.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
45.0%