CVE-2008-2148

Published May 12, 2008

Last updated a year ago

CVSS info 3.6

Overview

Description: The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.6
Impact score: 4.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61A3EDF2-09D7-4116-AE46-D86E4B9602AC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12A55028-B8F9-4AD2-AE57-A80D561F3C79"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C4E641C-67D4-4599-8EFB-0B2F8D81D68C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70460F6C-D6C0-4C1A-B13E-368705EAF223"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F26BA18-08AD-45FE-9F83-25CCB2E27270"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EBFF148-3EDA-4216-910B-8930D8C443C2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "648C63F7-EA1D-4F2E-B8AF-1F380C83E542"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1697B855-4834-4633-A5C8-C1F7F13ACE0D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FBAE75F-9145-4B9A-A6D8-E488C5326145"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5990C6C2-2F66-4C4D-8224-74163865F410"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A45A9B9-4B19-4A5B-BC95-BCBC4EF00F12"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C23AD176-3B99-4593-BCBD-13C1E579A13E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "034DFD7F-8919-4245-8480-7B272F591271"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CEBC606-6488-48CE-8AA8-5B8CC724D5D0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References