Lucene search
Ubuntu.comUB:CVE-2008-0600HistoryFeb 12, 2008 - 12:00 a.m.
CVE-2008-0600
2008-02-1200:00:00
ubuntu.com
ubuntu.com
9
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does
not validate a certain userspace pointer before dereference, which allows
local users to gain root privileges via crafted arguments in a vmsplice
system call, a different vulnerability than CVE-2008-0009 and
CVE-2008-0010.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | dapper not affected. Only 2.6.17. See vulnerability #1: http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt local root exploit (exploit code exists) amitk will upload 2.6.24.2 for hardy soon |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.10 | noarch | linux-source-2.6.17 | < 2.6.17.1-12.44 | UNKNOWN |
| ubuntu | 7.04 | noarch | linux-source-2.6.20 | < 2.6.20-16.35 | UNKNOWN |
| ubuntu | 7.10 | noarch | linux-source-2.6.22 | < 2.6.22-14.52 | UNKNOWN |
Related
nessus
nessus
Fedora 7 : kernel-2.6.23.15-80.fc7 (2008-1422)
2008-02-12 00:00:00
Mandriva Linux Security Advisory : kernel (MDVSA-2008:043)
2009-04-23 00:00:00
Fedora 8 : kernel-2.6.23.15-137.fc8 (2008-1423)
2008-02-12 00:00:00
cve
cve
prion
prion
Null pointer dereference
2008-02-12 21:00:00
Null pointer dereference
2008-02-12 21:00:00
Null pointer dereference
2008-02-12 21:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: kernel-2.6.23.15-137.fc8
2008-02-11 22:39:28
[SECURITY] Fedora 7 Update: kernel-2.6.23.15-80.fc7
2008-02-11 22:38:35
[SECURITY] Fedora 7 Update: kernel-xen-2.6-2.6.21-7.fc7
2008-02-13 05:16:54
openvas
openvas
Fedora Update for kernel FEDORA-2008-1422
2009-02-16 00:00:00
Fedora Update for kernel FEDORA-2008-1423
2009-02-16 00:00:00
Fedora Update for kernel FEDORA-2008-1423
2009-02-16 00:00:00
securityvulns
securityvulns
[Full-disclosure] [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation
2008-02-11 00:00:00
Linux kernel multiple security vulnerabilities
2008-02-12 00:00:00
osv
osv
linux-2.6 - privilege escalation
2008-02-11 00:00:00
slackware
slackware
[slackware-security] kernel exploit fix
2008-02-12 02:00:01
debian
debian
[SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation
2008-02-11 13:58:39
[SECURITY] [DSA 1494-2] New linux-2.6 packages fix privilege escalation
2008-02-13 06:18:12
canvas
canvas
Immunity Canvas: VMSPLICE
2008-02-12 21:00:00
ubuntucve
ubuntucve
CVE-2008-0010
2008-02-12 00:00:00
CVE-2008-0009
2008-02-12 00:00:00
seebug
seebug
Linux Kernel vmsplice_to_user()函数本地权限提升漏洞
2008-02-22 00:00:00
Linux Kernel copy_from_user_mmap_sem()函数内存访问漏洞
2008-02-22 00:00:00
Linux Kernel vmsplice_to_pipe()本地权限提升漏洞
2008-02-22 00:00:00
redhat
redhat
(RHSA-2008:0129) Important: kernel security update
2008-02-12 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:19:52
oraclelinux
oraclelinux
Important: kernel security update
2008-02-13 00:00:00
f5
f5
SOL8425 - Linux Kernel Vulnerability - CVE-2008-0600
2008-02-14 00:00:00
Linux Kernel Vulnerability - CVE-2008-0600
2008-02-15 03:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2008-02-12 00:00:00
centos
centos
kernel security update
2008-02-13 03:27:15
suse
suse
local privilege escalation in kernel
2008-02-12 13:43:48
local privilege escalation in kernel-rt
2008-03-06 17:51:13
remote denial of service in kernel
2008-06-20 16:05:15
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Related for UB:CVE-2008-0600