Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-4302
HistorySep 29, 2008 - 5:17 p.m.

CVE-2008-4302

2008-09-2917:17:00
CWE-667
[email protected]
web.nvd.nist.gov
40
4
cve-2008-4302
linux kernel
splice subsystem
fs/splice.c
denial of service
nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.8 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.

Social References

More

Related

veracode 1
prion 1
ubuntucve 1
osv 1
nessus 6
openvas 5
securityvulns 2
debian 1
oraclelinux 1
redhat 1
centos 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:28:07
prion
prion
Design/Logic Flaw
2008-09-29 17:17:00
ubuntucve
ubuntucve
CVE-2008-4302
2008-09-29 00:00:00
osv
osv
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2008-10-13 00:00:00
nessus
nessus
Debian DSA-1653-1 : linux-2.6 - denial of service/privilege escalation
2008-10-14 00:00:00
Oracle Linux 5 : kernel (ELSA-2008-0957)
2013-07-12 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2012-08-01 00:00:00
openvas
openvas
Debian Security Advisory DSA 1653-1 (linux-2.6)
2008-11-01 00:00:00
Debian: Security Advisory (DSA-1653-1)
2008-11-01 00:00:00
Oracle: Security Advisory (ELSA-2008-0957)
2015-10-08 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities
2008-10-14 00:00:00
Linux kernel multiple security vulnerabilities
2008-10-18 00:00:00
debian
debian
[SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities
2008-10-13 20:25:41
oraclelinux
oraclelinux
kernel security and bug fix update
2008-11-05 00:00:00
redhat
redhat
(RHSA-2008:0957) Important: kernel security and bug fix update
2008-11-04 00:00:00
centos
centos
kernel security update
2008-11-05 16:01:40

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.8 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON
Related for CVE-2008-4302
veracode1prion1ubuntucve1osv1nessus6openvas5securityvulns2debian1oraclelinux1redhat1centos1