CVE-2008-3527
Published Nov 5, 2008
Last updated 2 years ago
Overview
- Description
- arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Vendor comments
- Red HatThis issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG. It was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2008-0957.html
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "455AF113-2E2D-46F2-8F92-C21E06E5B39F",
"versionEndIncluding": "2.6.20.21"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43F9DBB0-8AF7-42CA-95DD-68A344E9D549"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA39D4CE-22F0-46A2-B8CF-4599675E7D3A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDD00664-A27C-4514-A2A4-079E8F9B0251"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E336C792-B7A1-4318-8050-DE9F03474CEF"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7228AE50-BACB-4AB8-9CE5-17DB0CD661AF"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D260FD-E55E-4A95-AB7F-B880DBE37BAD"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E36D0159-1A05-4628-9C1C-360DED0F438C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E6654B9-42EB-4C2C-8F71-710D50556180"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FC560CC-F785-42D5-A25B-1BA02E7AC464"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1817C772-D367-4ABE-B835-466D31A6DC89"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C667B8E4-64EB-4A05-84FF-B2243DEF757D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9484B41A-DFB6-4481-80D8-440C711CEA53"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53D373AF-DE6B-428E-9F0F-F1D220900A4D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2975DF7-F916-456C-BF7C-2694559E5282"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D156EFF-D2E5-4F42-B6E7-954DE6CD90B4"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "784EB96E-2FD3-4F77-8DB6-4D6C7A928946"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86A98A70-51E3-4556-8DC4-DD09CF370D1A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "469EE3B0-3CC2-4AC2-86A0-2DF34205E707"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCFECB2B-6482-45F2-B3BB-EDDEDA0948A0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EC547EB-9308-4477-8256-A0E04B42D6DA"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F55A024-9F8E-44F8-A0D8-696BC232524A"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84595143-3B04-4CE8-81C0-28EEEC58CD0E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32EE2B49-DDEB-4B49-A5F0-CAA161095A5F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3ABFA33-8FA1-488E-A9BD-1593F495F595"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62F6DE3A-E6CC-4D7E-BD08-E43DC4182200"
}
],
"operator": "OR"
}
]
}
]