Lucene search

[email protected]CVE-2008-3527

HistoryNov 05, 2008 - 3:00 p.m.

CVE-2008-3527

2008-11-0515:00:14

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-3527

linux kernel

vdso

security

boundary check

privilege escalation

denial of service

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤2.6.20.21

linuxlinux_kernelMatch2.2.27

linuxlinux_kernelMatch2.4.36

linuxlinux_kernelMatch2.4.36.1

linuxlinux_kernelMatch2.4.36.2

linuxlinux_kernelMatch2.4.36.3

linuxlinux_kernelMatch2.4.36.4

linuxlinux_kernelMatch2.4.36.5

linuxlinux_kernelMatch2.4.36.6

linuxlinux_kernelMatch2.6

linuxlinux_kernelMatch2.6.18

linuxlinux_kernelMatch2.6.18rc1

linuxlinux_kernelMatch2.6.18rc2

linuxlinux_kernelMatch2.6.18rc3

linuxlinux_kernelMatch2.6.18rc4

linuxlinux_kernelMatch2.6.18rc5

linuxlinux_kernelMatch2.6.18rc6

linuxlinux_kernelMatch2.6.18rc7

linuxlinux_kernelMatch2.6.19.4

linuxlinux_kernelMatch2.6.19.5

linuxlinux_kernelMatch2.6.19.6

linuxlinux_kernelMatch2.6.19.7

linuxlinux_kernelMatch2.6.20.16

linuxlinux_kernelMatch2.6.20.17

linuxlinux_kernelMatch2.6.20.18

linuxlinux_kernelMatch2.6.20.19

linuxlinux_kernelMatch2.6.20.20

VendorProductVersionCPE
linuxlinux_kernel2.4.36.3cpe:/o:linux:linux_kernel:2.4.36.3:::
linuxlinux_kernel2.6.18cpe:/o:linux:linux_kernel:2.6.18:rc3::
linuxlinux_kernel2.6.20.17cpe:/o:linux:linux_kernel:2.6.20.17:::
linuxlinux_kernel2.6.18cpe:/o:linux:linux_kernel:2.6.18:rc1::
linuxlinux_kernel2.4.36cpe:/o:linux:linux_kernel:2.4.36:::
linuxlinux_kernel2.6.19.4cpe:/o:linux:linux_kernel:2.6.19.4:::
linuxlinux_kernel2.6.19.7cpe:/o:linux:linux_kernel:2.6.19.7:::
linuxlinux_kernel2.6.19.5cpe:/o:linux:linux_kernel:2.6.19.5:::
linuxlinux_kernel2.6.20.16cpe:/o:linux:linux_kernel:2.6.20.16:::
linuxlinux_kernel2.6.18cpe:/o:linux:linux_kernel:2.6.18:rc7::

Vendor	Product	Version	CPE
linux	linux_kernel	2.4.36.3	cpe:/o:linux:linux_kernel:2.4.36.3:::
linux	linux_kernel	2.6.18	cpe:/o:linux:linux_kernel:2.6.18:rc3::
linux	linux_kernel	2.6.20.17	cpe:/o:linux:linux_kernel:2.6.20.17:::
linux	linux_kernel	2.6.18	cpe:/o:linux:linux_kernel:2.6.18:rc1::
linux	linux_kernel	2.4.36	cpe:/o:linux:linux_kernel:2.4.36:::
linux	linux_kernel	2.6.19.4	cpe:/o:linux:linux_kernel:2.6.19.4:::
linux	linux_kernel	2.6.19.7	cpe:/o:linux:linux_kernel:2.6.19.7:::
linux	linux_kernel	2.6.19.5	cpe:/o:linux:linux_kernel:2.6.19.5:::
linux	linux_kernel	2.6.20.16	cpe:/o:linux:linux_kernel:2.6.20.16:::
linux	linux_kernel	2.6.18	cpe:/o:linux:linux_kernel:2.6.18:rc7::