CVE-2008-5395

2008-12-0900:30:00

CWE-119

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2008-5395

linux kernel

pa-risc

denial of service

system crash

nvd

5.8 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses.

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle2.6.28
linux:linux_kernellinux linux kerneleq2.2.27
linux:linux_kernellinux linux kerneleq2.4.36
linux:linux_kernellinux linux kerneleq2.4.36.1
linux:linux_kernellinux linux kerneleq2.4.36.2
linux:linux_kernellinux linux kerneleq2.4.36.3
linux:linux_kernellinux linux kerneleq2.4.36.4
linux:linux_kernellinux linux kerneleq2.4.36.5
linux:linux_kernellinux linux kerneleq2.4.36.6
linux:linux_kernellinux linux kerneleq2.6

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	2.6.28
linux:linux_kernel	linux linux kernel	eq	2.2.27
linux:linux_kernel	linux linux kernel	eq	2.4.36
linux:linux_kernel	linux linux kernel	eq	2.4.36.1
linux:linux_kernel	linux linux kernel	eq	2.4.36.2
linux:linux_kernel	linux linux kernel	eq	2.4.36.3
linux:linux_kernel	linux linux kernel	eq	2.4.36.4
linux:linux_kernel	linux linux kernel	eq	2.4.36.5
linux:linux_kernel	linux linux kernel	eq	2.4.36.6
linux:linux_kernel	linux linux kernel	eq	2.6