CVE-2008-3247
6.5 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors.
References
git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=74454a6a286bfce4bb23d89bd465f856fa6a6e19
kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26
lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html
secunia.com/advisories/31172
secunia.com/advisories/31202
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.11
www.securityfocus.com/bid/30351
www.securitytracker.com/id?1020544
exchange.xforce.ibmcloud.com/vulnerabilities/43979
Social References
More
Related
6.5 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%