Lucene search
Ubuntu.comUB:CVE-2008-0009HistoryFeb 12, 2008 - 12:00 a.m.
CVE-2008-0009
2008-02-1200:00:00
ubuntu.com
ubuntu.com
18
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22
through 2.6.24 does not validate a certain userspace pointer before
dereference, which might allow local users to access arbitrary kernel
memory locations.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | dapper-gutsy not affected. Only 2.6.23 - 2.6.24. See: http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt local root exploit on hardy (exploit code doesn’t exist yet) amitk will upload 2.6.24.2 for hardy soon |
Related
seebug
seebug
Linux Kernel vmsplice_to_user()函数本地权限提升漏洞
2008-02-22 00:00:00
prion
prion
Null pointer dereference
2008-02-12 21:00:00
Null pointer dereference
2008-02-12 21:00:00
cve
cve
CVE-2008-0009
2008-02-12 21:00:00
CVE-2008-0600
2008-02-12 21:00:00
nessus
nessus
Fedora 7 : kernel-2.6.23.15-80.fc7 (2008-1422)
2008-02-12 00:00:00
Mandriva Linux Security Advisory : kernel (MDVSA-2008:043)
2009-04-23 00:00:00
Fedora 8 : kernel-2.6.23.15-137.fc8 (2008-1423)
2008-02-12 00:00:00
ubuntucve
ubuntucve
CVE-2008-0600
2008-02-12 00:00:00
openvas
openvas
Fedora Update for kernel FEDORA-2008-1422
2009-02-16 00:00:00
Fedora Update for kernel FEDORA-2008-1423
2009-02-16 00:00:00
Fedora Update for kernel FEDORA-2008-1423
2009-02-16 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: kernel-2.6.23.15-137.fc8
2008-02-11 22:39:28
[SECURITY] Fedora 7 Update: kernel-2.6.23.15-80.fc7
2008-02-11 22:38:35
securityvulns
securityvulns
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
Related for UB:CVE-2008-0009