Lucene search

Veracode Vulnerability DatabaseVERACODE:23387

HistoryApr 10, 2020 - 12:25 a.m.

Privilege Escalation

2020-04-1000:25:22

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

kernel is vulnerable to privilege escalation. The vulnerability exists as multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation.

CPENameOperatorVersion
kerneleq2.6.18__8.1.3.lspp.80.el5
kerneleq2.6.18__8.1.15.el5
kerneleq2.6.18__53.1.21.el5
kerneleq2.6.18__8.1.14.el5
kerneleq2.6.18__92.1.1.el5
kerneleq2.6.18__8.1.1.el5
kerneleq2.6.18__92.el5
kerneleq2.6.18__8.1.8.el5
kerneleq2.6.18__53.1.14.el5
kerneleq2.6.18__53.1.19.el5

Name	Operator	Version
kernel	eq	2.6.18__8.1.3.lspp.80.el5
kernel	eq	2.6.18__8.1.15.el5
kernel	eq	2.6.18__53.1.21.el5
kernel	eq	2.6.18__8.1.14.el5
kernel	eq	2.6.18__92.1.1.el5
kernel	eq	2.6.18__8.1.1.el5
kernel	eq	2.6.18__92.el5
kernel	eq	2.6.18__8.1.8.el5
kernel	eq	2.6.18__53.1.14.el5
kernel	eq	2.6.18__53.1.19.el5

Rows per page:

1-10 of 421

References

git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788

git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=2a739dd53ad7ee010ae6e155438507f329dce788

kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10

lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html

lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html

lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html

lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html

lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html

lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

secunia.com/advisories/30982

secunia.com/advisories/31048

secunia.com/advisories/31202

secunia.com/advisories/31229

secunia.com/advisories/31341

secunia.com/advisories/31551

secunia.com/advisories/31614

secunia.com/advisories/31685

secunia.com/advisories/32103

secunia.com/advisories/32370

secunia.com/advisories/32759

secunia.com/advisories/33201

support.avaya.com/elmodocs2/security/ASA-2008-365.htm

www.debian.org/security/2008/dsa-1630

www.openwall.com/lists/oss-security/2008/07/03/2

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2008-0612.html

www.redhat.com/support/errata/RHSA-2008-0665.html

www.redhat.com/support/errata/RHSA-2008-0973.html

www.securityfocus.com/bid/30076

www.vupen.com/english/advisories/2008/2063/references

access.redhat.com/errata/RHSA-2008:0612

exchange.xforce.ibmcloud.com/vulnerabilities/43687

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633

usn.ubuntu.com/637-1/

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for VERACODE:23387