CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
10.1%
It was discovered that there were multiple NULL-pointer function
dereferences in the Linux kernel terminal handling code. A local attacker
could exploit this to execute arbitrary code as root, or crash the system,
leading to a denial of service. (CVE-2008-2812)
The do_change_type routine did not correctly validation administrative
users. A local attacker could exploit this to block mount points or cause
private mounts to be shared, leading to denial of service or a possible
loss of privacy. (CVE-2008-2931)
Tobias Klein discovered that the OSS interface through ALSA did not
correctly validate the device number. A local attacker could exploit this
to access sensitive kernel memory, leading to a denial of service or a loss
of privacy. (CVE-2008-3272)
Zoltan Sogor discovered that new directory entries could be added to
already deleted directories. A local attacker could exploit this, filling
up available memory and disk space, leading to a denial of service.
(CVE-2008-3275)
In certain situations, the fix for CVE-2008-0598 from USN-623-1 was causing
infinite loops in the writev syscall. This update corrects the mistake. We
apologize for the inconvenience.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | linux-image-2.6.24-19-server | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | acpi-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | block-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | crypto-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | fat-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | fb-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | firewire-core-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | floppy-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | fs-core-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
Ubuntu | 8.04 | noarch | fs-secondary-modules-2.6.24-19-generic-di | < 2.6.24-19.41 | UNKNOWN |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
10.1%