CVE-2008-1615 - Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local

CVE-2008-1615

Summary

Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.

References

Vulnerable Configurations

cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*
cpe:2.3:h:amd:amd64:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:amd64:*:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

oval via4

accepted

2013-04-29T04:20:17.741-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.

family

unix

oval:org.mitre.oval:def:9563

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.

version

redhat via4

advisories

bugzilla

id	445360
title	RHEL5.1 kernel not reclaiming NFS locks when server reboots

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

comment kernel earlier than 0:2.6.18-53.1.21.el5 is currently running
oval oval:com.redhat.rhsa:tst:20080275025
comment kernel earlier than 0:2.6.18-53.1.21.el5 is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20080275026

AND
comment kernel is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275001
comment kernel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314002
AND
comment kernel-PAE is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275003
comment kernel-PAE is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314004

AND

comment kernel-PAE-devel is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275005
comment kernel-PAE-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314006

AND

comment kernel-debug is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275007
comment kernel-debug is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314008

AND

comment kernel-debug-devel is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275009
comment kernel-debug-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314010

AND

comment kernel-devel is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275011
comment kernel-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314012

AND
comment kernel-doc is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275013
comment kernel-doc is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314014

AND

comment kernel-headers is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275015
comment kernel-headers is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314016

AND

comment kernel-kdump is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275017
comment kernel-kdump is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314018

AND

comment kernel-kdump-devel is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275019
comment kernel-kdump-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314020

AND
comment kernel-xen is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275021
comment kernel-xen is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314022

AND

comment kernel-xen-devel is earlier than 0:2.6.18-53.1.21.el5
oval oval:com.redhat.rhsa:tst:20080275023
comment kernel-xen-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314024

rhsa

id	RHSA-2008:0275
released	2008-05-20
severity	Important
title	RHSA-2008:0275: kernel security and bug fix update (Important)

rhsa
id RHSA-2008:0237
rhsa
id RHSA-2008:0585

rpms

kernel-0:2.6.9-67.0.15.EL
kernel-debuginfo-0:2.6.9-67.0.15.EL
kernel-devel-0:2.6.9-67.0.15.EL
kernel-doc-0:2.6.9-67.0.15.EL
kernel-hugemem-0:2.6.9-67.0.15.EL
kernel-hugemem-devel-0:2.6.9-67.0.15.EL
kernel-largesmp-0:2.6.9-67.0.15.EL
kernel-largesmp-devel-0:2.6.9-67.0.15.EL
kernel-smp-0:2.6.9-67.0.15.EL
kernel-smp-devel-0:2.6.9-67.0.15.EL
kernel-xenU-0:2.6.9-67.0.15.EL
kernel-xenU-devel-0:2.6.9-67.0.15.EL
kernel-0:2.6.18-53.1.21.el5
kernel-PAE-0:2.6.18-53.1.21.el5
kernel-PAE-debuginfo-0:2.6.18-53.1.21.el5
kernel-PAE-devel-0:2.6.18-53.1.21.el5
kernel-debug-0:2.6.18-53.1.21.el5
kernel-debug-debuginfo-0:2.6.18-53.1.21.el5
kernel-debug-devel-0:2.6.18-53.1.21.el5
kernel-debuginfo-0:2.6.18-53.1.21.el5
kernel-debuginfo-common-0:2.6.18-53.1.21.el5
kernel-devel-0:2.6.18-53.1.21.el5
kernel-doc-0:2.6.18-53.1.21.el5
kernel-headers-0:2.6.18-53.1.21.el5
kernel-kdump-0:2.6.18-53.1.21.el5
kernel-kdump-debuginfo-0:2.6.18-53.1.21.el5
kernel-kdump-devel-0:2.6.18-53.1.21.el5
kernel-xen-0:2.6.18-53.1.21.el5
kernel-xen-debuginfo-0:2.6.18-53.1.21.el5
kernel-xen-devel-0:2.6.18-53.1.21.el5
kernel-rt-0:2.6.24.7-74.el5rt
kernel-rt-debug-0:2.6.24.7-74.el5rt
kernel-rt-debug-debuginfo-0:2.6.24.7-74.el5rt
kernel-rt-debug-devel-0:2.6.24.7-74.el5rt
kernel-rt-debuginfo-0:2.6.24.7-74.el5rt
kernel-rt-debuginfo-common-0:2.6.24.7-74.el5rt
kernel-rt-devel-0:2.6.24.7-74.el5rt
kernel-rt-doc-0:2.6.24.7-74.el5rt
kernel-rt-trace-0:2.6.24.7-74.el5rt
kernel-rt-trace-debuginfo-0:2.6.24.7-74.el5rt
kernel-rt-trace-devel-0:2.6.24.7-74.el5rt
kernel-rt-vanilla-0:2.6.24.7-74.el5rt
kernel-rt-vanilla-debuginfo-0:2.6.24.7-74.el5rt
kernel-rt-vanilla-devel-0:2.6.24.7-74.el5rt

refmap via4

bid	29086
debian	DSA-1588
fedora	FEDORA-2008-4043
mandriva	MDVSA-2008:167 MDVSA-2008:174
misc	https://bugzilla.redhat.com/show_bug.cgi?id=431430
sectrack	1020047
secunia	30112 30252 30294 30368 30818 30890 30962 30982 31107 31628
suse	SUSE-SA:2008:030 SUSE-SA:2008:031 SUSE-SA:2008:032 SUSE-SA:2008:035 SUSE-SA:2008:038
ubuntu	USN-625-1
xf	linux-kernel-processtrace-dos(42278)

Last major update

29-09-2017 - 01:30

Published

08-05-2008 - 00:20