fkie_nvd - fkie_cve-2008-0009

fkie_cve-2008-0009

Vulnerability from fkie_nvd

Published

2008-02-12 21:00

Modified

2025-04-09 00:30

Severity ?

Summary

The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.

References

URL	Tags
secalert@redhat.com	http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt	Exploit
secalert@redhat.com	http://secunia.com/advisories/28835
secalert@redhat.com	http://secunia.com/advisories/28896
secalert@redhat.com	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1	Exploit
secalert@redhat.com	http://www.securityfocus.com/archive/1/487982/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/27704
secalert@redhat.com	http://www.securityfocus.com/bid/27799
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0487/references
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=431206	Exploit
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html
af854a3a-2127-422b-91ae-364da2661108	http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28835
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28896
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/487982/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27704
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27799
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0487/references
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=431206	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html

Impacted products

Vendor	Product	Version
linux	linux_kernel	2.6.22
linux	linux_kernel	2.6.22
linux	linux_kernel	2.6.22.1
linux	linux_kernel	2.6.22.3
linux	linux_kernel	2.6.22.4
linux	linux_kernel	2.6.22.5
linux	linux_kernel	2.6.22.6
linux	linux_kernel	2.6.22.7
linux	linux_kernel	2.6.22.16
linux	linux_kernel	2.6.23
linux	linux_kernel	2.6.23
linux	linux_kernel	2.6.23
linux	linux_kernel	2.6.23.1
linux	linux_kernel	2.6.23.2
linux	linux_kernel	2.6.23.3
linux	linux_kernel	2.6.23.4
linux	linux_kernel	2.6.23.5
linux	linux_kernel	2.6.23.6
linux	linux_kernel	2.6.23.7
linux	linux_kernel	2.6.23.9
linux	linux_kernel	2.6.23.14
linux	linux_kernel	2.6.24
linux	linux_kernel	2.6.24

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "D123AAFE-3F17-45C4-9382-BA392FD022C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0E249774-CE05-43D5-A5A3-7CCE24BB2AD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "8D42BA44-C69B-4170-9867-CABF93CA9BD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5140380C-71BD-464F-AE53-1814C2653056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FB141B-FA2A-435D-8937-83FC0669CB20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59131C8-F66A-4380-9F6E-3FC14C7C8562",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5421616-4BF5-4269-8996-C3D2BA6AE2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FC6CE2-8717-4558-A309-A441D322F00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "311BE336-7BB2-47C0-AED5-3DEA706C206F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAC2E9D-0E82-4866-9046-ADD448418198",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "67F2047A-5F17-4B59-9075-41A5DC5C1CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "FF6588E7-F4FA-40F5-8945-FC7B6094376E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n vmsplice_to_user en fs/splice.c del n\u00facleo de Linux 2.6.22 hasta 2.6.24 no valida ciertos punteros en el espacio antes referenciados, lo cual permite a usuarios locales acceder a localizaciones de memoria del n\u00facleo de su elecci\u00f3n."
    }
  ],
  "id": "CVE-2008-0009",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-12T21:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28835"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28896"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/487982/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/27704"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/27799"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0487/references"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431206"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28896"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487982/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0487/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
      "lastModified": "2008-02-13T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2008-0009 (GCVE-0-2008-0009)

Vulnerability from cvelistv5

Published

2008-02-12 20:00