Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23456

HistoryApr 10, 2020 - 12:27 a.m.

Privilege Escalation

2020-04-1000:27:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

kernel is vulnerable to privilege escalation. The vulnerability exists as it was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption.

CPENameOperatorVersion
kerneleq2.6.18__8.1.14.el5
kerneleq2.6.18__8.1.3.el5
kerneleq2.6.18__8.1.3.lspp.80.el5
kerneleq2.6.18__8.1.8.el5
kerneleq2.6.18__53.1.4.el5
kerneleq2.6.18__8.1.3.lspp.81.el5
kerneleq2.6.18__8.1.1.el5
kerneleq2.6.18__53.1.14.el5
kerneleq2.6.18__8.1.4.el5
kerneleq2.6.18__53.el5

Rows per page:

1-10 of 321

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=469058

gcc.gnu.org/ml/gcc-patches/2008-03/msg00417.html

gcc.gnu.org/ml/gcc-patches/2008-03/msg00428.html

gcc.gnu.org/ml/gcc-patches/2008-03/msg00432.html

gcc.gnu.org/ml/gcc-patches/2008-03/msg00499.html

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e40cd10ccff3d9fbffd57b93780bee4b7b9bff51

lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html

lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html

lists.vmware.com/pipermail/security-announce/2008/000023.html

lkml.org/lkml/2008/3/5/207

lwn.net/Articles/272048/#Comments

marc.info/?l=git-commits-head&m=120492000901739&w=2

rhn.redhat.com/errata/RHSA-2008-0508.html

secunia.com/advisories/30110

secunia.com/advisories/30116

secunia.com/advisories/30818

secunia.com/advisories/30850

secunia.com/advisories/30890

secunia.com/advisories/30962

secunia.com/advisories/31246

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2008-0211.html

www.redhat.com/support/errata/RHSA-2008-0233.html

www.securityfocus.com/bid/29084

www.vupen.com/english/advisories/2008/2222/references

access.redhat.com/errata/RHSA-2008:0233

bugzilla.redhat.com/show_bug.cgi?id=437312

exchange.xforce.ibmcloud.com/vulnerabilities/41340

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11108

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Related for VERACODE:23456

prion1 debiancve1 cve1 ubuntucve1 openvas20 nessus17 centos3 redhat3 suse3 oraclelinux4 vmware2