CVE-2008-2944 - Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Ent

CVE-2008-2944

Summary

Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.

References

Vulnerable Configurations

cpe:2.3:o:fedoraproject:fedora_core:6:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora_core:6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 07-02-2022 - 19:50)
Impact:
Exploitability:

CWE

CWE-415

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

refmap via4

confirm	https://bugzilla.redhat.com/show_bug.cgi?id=207002 https://bugzilla.redhat.com/show_bug.cgi?id=449359
xf	linux-kernel-utrace-dos(43556)

Last major update

07-02-2022 - 19:50

Published

30-06-2008 - 21:41

Last modified

07-02-2022 - 19:50