linux-2.6 - denial of service

2008-05-1200:00:00

Google

osv.dev

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.3%

JSON

A vulnerability has been discovered in the Linux kernel that may lead
to a denial of service. The Common Vulnerabilities and Exposures
project identifies the following problem:

CVE-2008-1669
Alexander Viro discovered a race condition in the fcntl code that
may permit local users on multi-processor systems to execute parallel
code paths that are otherwise prohibited and gain re-ordered access
to the descriptor table.

For the stable distribution (etch), this problem has been fixed in version
2.6.18.dfsg.1-18etch4.

For the unstable distribution (sid), this problem has been fixed in version
2.6.25-2.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

CPENameOperatorVersion
linux-2.6eq2.6.18.dfsg.1-12
linux-2.6eq2.6.18.dfsg.1-12etch1
linux-2.6eq2.6.18.dfsg.1-12etch2
linux-2.6eq2.6.18.dfsg.1-13
linux-2.6eq2.6.18.dfsg.1-13etch1
linux-2.6eq2.6.18.dfsg.1-13etch2
linux-2.6eq2.6.18.dfsg.1-13etch3
linux-2.6eq2.6.18.dfsg.1-13etch4
linux-2.6eq2.6.18.dfsg.1-13etch5
linux-2.6eq2.6.18.dfsg.1-13etch6

Name	Operator	Version
linux-2.6	eq	2.6.18.dfsg.1-12
linux-2.6	eq	2.6.18.dfsg.1-12etch1
linux-2.6	eq	2.6.18.dfsg.1-12etch2
linux-2.6	eq	2.6.18.dfsg.1-13
linux-2.6	eq	2.6.18.dfsg.1-13etch1
linux-2.6	eq	2.6.18.dfsg.1-13etch2
linux-2.6	eq	2.6.18.dfsg.1-13etch3
linux-2.6	eq	2.6.18.dfsg.1-13etch4
linux-2.6	eq	2.6.18.dfsg.1-13etch5
linux-2.6	eq	2.6.18.dfsg.1-13etch6