gsd-2008-4302
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2008-4302", "description": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.", "id": "GSD-2008-4302", "references": [ "https://www.suse.com/security/cve/CVE-2008-4302.html", "https://www.debian.org/security/2008/dsa-1653", "https://access.redhat.com/errata/RHSA-2008:0957", "https://linux.oracle.com/cve/CVE-2008-4302.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2008-4302" ], "details": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.", "id": "GSD-2008-4302", "modified": "2023-12-13T01:22:59.448115Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4302", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20080916 CVE request: kernel: splice: fix bad unlock_page() in error case", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10" }, { "name": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=6a860c979b35469e4d77da781a96bdb2ca05ae64", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=6a860c979b35469e4d77da781a96bdb2ca05ae64" }, { "name": "32485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32485" }, { "name": "32237", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32237" }, { "name": "RHSA-2008:0957", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html" }, { "name": "linux-kernel-addtopagecachelru-dos(45191)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191" }, { "name": "DSA-1653", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1653" }, { "name": "oval:org.mitre.oval:def:10547", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=462434", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434" }, { "name": "32759", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32759" }, { "name": "[linux-kernel] 20070720 [PATCH] splice: fix bad unlock_page() in error case", "refsource": "MLIST", "url": "http://lkml.org/lkml/2007/7/20/168" }, { "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2", "refsource": "CONFIRM", "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2" }, { "name": "SUSE-SR:2008:025", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html" }, { "name": "31201", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31201" }, { "name": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html", "refsource": "MISC", "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3964F496-69A9-4EDE-B659-442233AC27C3", "versionEndExcluding": "2.6.22.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool." }, { "lang": "es", "value": "fs/splice.c en el subsistema \"splice\" en el kernel de Linux anterior a v2.6.22.2 no maneja de forma adecuada un fallo en la funci\u00f3n add_to_page_cache_Lru, y como consecuencia intentar desbloquear una p\u00e1gina que no est\u00e1 bloqueada, lo que permite que usuarios locales puedan provocar una denegaci\u00f3n de servicio (Error del Kernel y ca\u00edda del sistema), como se demostr\u00f3 por la herramienta \"fio I/O\"." } ], "id": "CVE-2008-4302", "lastModified": "2024-02-15T20:24:38.740", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2008-09-29T17:17:29.283", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://lkml.org/lkml/2007/7/20/168" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/32237" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/32485" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/32759" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1653" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/31201" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.\n\nIt was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2008-0957.html", "lastModified": "2009-01-15T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-667" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.