Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-4307
HistoryJan 13, 2009 - 12:00 a.m.

CVE-2008-4307

2009-01-1300:00:00
ubuntu.com
ubuntu.com
13

4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.6%

Race condition in the do_setlk function in fs/nfs/file.c in the Linux
kernel before 2.6.26 allows local users to cause a denial of service
(crash) via vectors resulting in an interrupted RPC call that leads to a
stray FL_POSIX lock, related to improper handling of a race between fcntl
and close in the EINTR case.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlinux-source-2.6.15<Β 2.6.15-54.76UNKNOWN
ubuntu7.10noarchlinux-source-2.6.22<Β 2.6.22-16.62UNKNOWN
ubuntu8.04noarchlinux<Β 2.6.24-23.52UNKNOWN

4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.6%