CVE-2008-3527

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-3527
arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d91d531900bfa1165d445390b3b13a8013f98f7
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://secunia.com/advisories/32485 Vendor Advisory
http://secunia.com/advisories/32759 Vendor Advisory
http://secunia.com/advisories/33180 Vendor Advisory
http://www.debian.org/security/2008/dsa-1687
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21
http://www.redhat.com/support/errata/RHSA-2008-0957.html
http://www.securitytracker.com/id?1021137
https://bugzilla.redhat.com/show_bug.cgi?id=460251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10602
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d91d531900bfa1165d445390b3b13a8013f98f7
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://secunia.com/advisories/32485 Vendor Advisory
http://secunia.com/advisories/32759 Vendor Advisory
http://secunia.com/advisories/33180 Vendor Advisory
http://www.debian.org/security/2008/dsa-1687
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21
http://www.redhat.com/support/errata/RHSA-2008-0957.html
http://www.securitytracker.com/id?1021137
https://bugzilla.redhat.com/show_bug.cgi?id=460251
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10602
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*
History

21 Nov 2024, 00:49

Type Values Removed Values Added
References () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d91d531900bfa1165d445390b3b13a8013f98f7 - () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d91d531900bfa1165d445390b3b13a8013f98f7 -
References () http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html - () http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html -
References () http://secunia.com/advisories/32485 - Vendor Advisory () http://secunia.com/advisories/32485 - Vendor Advisory
References () http://secunia.com/advisories/32759 - Vendor Advisory () http://secunia.com/advisories/32759 - Vendor Advisory
References () http://secunia.com/advisories/33180 - Vendor Advisory () http://secunia.com/advisories/33180 - Vendor Advisory
References () http://www.debian.org/security/2008/dsa-1687 - () http://www.debian.org/security/2008/dsa-1687 -
References () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21 - () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21 -
References () http://www.redhat.com/support/errata/RHSA-2008-0957.html - () http://www.redhat.com/support/errata/RHSA-2008-0957.html -
References () http://www.securitytracker.com/id?1021137 - () http://www.securitytracker.com/id?1021137 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=460251 - () https://bugzilla.redhat.com/show_bug.cgi?id=460251 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10602 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10602 -
Information

Published : 2008-11-05 15:00

Updated : 2024-11-21 00:49

NVD link : CVE-2008-3527

Mitre link : CVE-2008-3527

CVE.ORG link : CVE-2008-3527

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-264

Permissions, Privileges, and Access Controls


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024