CVE-2008-2148
Published May 12, 2008
Last updated a year ago
Overview
- Description
- The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.6
- Impact score
- 4.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61A3EDF2-09D7-4116-AE46-D86E4B9602AC"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12A55028-B8F9-4AD2-AE57-A80D561F3C79"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C4E641C-67D4-4599-8EFB-0B2F8D81D68C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70460F6C-D6C0-4C1A-B13E-368705EAF223"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F26BA18-08AD-45FE-9F83-25CCB2E27270"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EBFF148-3EDA-4216-910B-8930D8C443C2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "648C63F7-EA1D-4F2E-B8AF-1F380C83E542"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1697B855-4834-4633-A5C8-C1F7F13ACE0D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FBAE75F-9145-4B9A-A6D8-E488C5326145"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5990C6C2-2F66-4C4D-8224-74163865F410"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A45A9B9-4B19-4A5B-BC95-BCBC4EF00F12"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C23AD176-3B99-4593-BCBD-13C1E579A13E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "034DFD7F-8919-4245-8480-7B272F591271"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CEBC606-6488-48CE-8AA8-5B8CC724D5D0"
}
],
"operator": "OR"
}
]
}
]