CVE-2008-6107
5.8 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%
The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137.
References
marc.info/?l=linux-kernel&m=121071103304610&w=2
secunia.com/advisories/30258
securitytracker.com/id?1020120
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.4
www.securityfocus.com/bid/33836
www.ubuntu.com/usn/usn-751-1
www.vupen.com/english/advisories/2008/1655/references
exchange.xforce.ibmcloud.com/vulnerabilities/48710
Social References
More
Related
5.8 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%