Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-4410
HistoryOct 03, 2008 - 12:00 a.m.

CVE-2008-4410

2008-10-0300:00:00
ubuntu.com
ubuntu.com
21

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

5.1%

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual
Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes
write_idt_entry where write_ldt_entry was intended, which allows local
users to cause a denial of service (persistent application failure) via
crafted function calls, related to the Java Runtime Environment (JRE)
experiencing improper LDT selector state, a different vulnerability than
CVE-2008-3247.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

5.1%