CVE-2008-0600

Exploit

EPSS 0.45%
Published 12.02.2008 21:00:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.

Affected products Warnungen 0 Metrics 2 CWE 1 References 43

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version2.6.17

Linux ≫ Linux Kernel Version2.6.17 Updaterc1

Linux ≫ Linux Kernel Version2.6.17 Updaterc2

Linux ≫ Linux Kernel Version2.6.17 Updaterc3

Linux ≫ Linux Kernel Version2.6.17 Updaterc4

Linux ≫ Linux Kernel Version2.6.17 Updaterc5

Linux ≫ Linux Kernel Version2.6.17 Updaterc6

Linux ≫ Linux Kernel Version2.6.17.1

Linux ≫ Linux Kernel Version2.6.17.2

Linux ≫ Linux Kernel Version2.6.17.3

Linux ≫ Linux Kernel Version2.6.17.4

Linux ≫ Linux Kernel Version2.6.17.5

Linux ≫ Linux Kernel Version2.6.17.6

Linux ≫ Linux Kernel Version2.6.17.7

Linux ≫ Linux Kernel Version2.6.17.8

Linux ≫ Linux Kernel Version2.6.17.9

Linux ≫ Linux Kernel Version2.6.17.10

Linux ≫ Linux Kernel Version2.6.17.11

Linux ≫ Linux Kernel Version2.6.17.12

Linux ≫ Linux Kernel Version2.6.17.13

Linux ≫ Linux Kernel Version2.6.17.14

Linux ≫ Linux Kernel Version2.6.18

Linux ≫ Linux Kernel Version2.6.18 Updaterc1

Linux ≫ Linux Kernel Version2.6.18 Updaterc2

Linux ≫ Linux Kernel Version2.6.18 Updaterc3

Linux ≫ Linux Kernel Version2.6.18 Updaterc4

Linux ≫ Linux Kernel Version2.6.18 Updaterc5

Linux ≫ Linux Kernel Version2.6.18 Updaterc6

Linux ≫ Linux Kernel Version2.6.18 Updaterc7

Linux ≫ Linux Kernel Version2.6.18.1

Linux ≫ Linux Kernel Version2.6.18.2

Linux ≫ Linux Kernel Version2.6.18.3

Linux ≫ Linux Kernel Version2.6.18.4

Linux ≫ Linux Kernel Version2.6.18.5

Linux ≫ Linux Kernel Version2.6.18.6

Linux ≫ Linux Kernel Version2.6.18.7

Linux ≫ Linux Kernel Version2.6.18.8

Linux ≫ Linux Kernel Version2.6.19

Linux ≫ Linux Kernel Version2.6.19 Updaterc1

Linux ≫ Linux Kernel Version2.6.19 Updaterc2

Linux ≫ Linux Kernel Version2.6.19 Updaterc3

Linux ≫ Linux Kernel Version2.6.19 Updaterc4

Linux ≫ Linux Kernel Version2.6.19.1

Linux ≫ Linux Kernel Version2.6.19.2

Linux ≫ Linux Kernel Version2.6.19.3

Linux ≫ Linux Kernel Version2.6.20

Linux ≫ Linux Kernel Version2.6.20 Updaterc2

Linux ≫ Linux Kernel Version2.6.20.1

Linux ≫ Linux Kernel Version2.6.20.2

Linux ≫ Linux Kernel Version2.6.20.3

Linux ≫ Linux Kernel Version2.6.20.4

Linux ≫ Linux Kernel Version2.6.20.5

Linux ≫ Linux Kernel Version2.6.20.6

Linux ≫ Linux Kernel Version2.6.20.7

Linux ≫ Linux Kernel Version2.6.20.8

Linux ≫ Linux Kernel Version2.6.20.9

Linux ≫ Linux Kernel Version2.6.20.10

Linux ≫ Linux Kernel Version2.6.20.11

Linux ≫ Linux Kernel Version2.6.20.12

Linux ≫ Linux Kernel Version2.6.20.13

Linux ≫ Linux Kernel Version2.6.20.14

Linux ≫ Linux Kernel Version2.6.20.15

Linux ≫ Linux Kernel Version2.6.21

Linux ≫ Linux Kernel Version2.6.21 Updategit1

Linux ≫ Linux Kernel Version2.6.21 Updategit2

Linux ≫ Linux Kernel Version2.6.21 Updategit3

Linux ≫ Linux Kernel Version2.6.21 Updategit4

Linux ≫ Linux Kernel Version2.6.21 Updategit5

Linux ≫ Linux Kernel Version2.6.21 Updategit6

Linux ≫ Linux Kernel Version2.6.21 Updategit7

Linux ≫ Linux Kernel Version2.6.21 Updaterc3

Linux ≫ Linux Kernel Version2.6.21 Updaterc4

Linux ≫ Linux Kernel Version2.6.21 Updaterc5

Linux ≫ Linux Kernel Version2.6.21 Updaterc6

Linux ≫ Linux Kernel Version2.6.21 Updaterc7

Linux ≫ Linux Kernel Version2.6.21.1

Linux ≫ Linux Kernel Version2.6.21.2

Linux ≫ Linux Kernel Version2.6.21.3

Linux ≫ Linux Kernel Version2.6.21.4

Linux ≫ Linux Kernel Version2.6.22

Linux ≫ Linux Kernel Version2.6.22 Updaterc6

Linux ≫ Linux Kernel Version2.6.22.1

Linux ≫ Linux Kernel Version2.6.22.3

Linux ≫ Linux Kernel Version2.6.22.4

Linux ≫ Linux Kernel Version2.6.22.5

Linux ≫ Linux Kernel Version2.6.22.6

Linux ≫ Linux Kernel Version2.6.22.7

Linux ≫ Linux Kernel Version2.6.22.16

Linux ≫ Linux Kernel Version2.6.23

Linux ≫ Linux Kernel Version2.6.23 Updaterc1

Linux ≫ Linux Kernel Version2.6.23 Updaterc2

Linux ≫ Linux Kernel Version2.6.23.1

Linux ≫ Linux Kernel Version2.6.23.2

Linux ≫ Linux Kernel Version2.6.23.3

Linux ≫ Linux Kernel Version2.6.23.4

Linux ≫ Linux Kernel Version2.6.23.5

Linux ≫ Linux Kernel Version2.6.23.6

Linux ≫ Linux Kernel Version2.6.23.7

Linux ≫ Linux Kernel Version2.6.23.9

Linux ≫ Linux Kernel Version2.6.23.14

Linux ≫ Linux Kernel Version2.6.24

Linux ≫ Linux Kernel Version2.6.24 Updaterc2

Linux ≫ Linux Kernel Version2.6.24 Updaterc3

Linux ≫ Linux Kernel Version2.6.24.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.45%	0.626

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html

http://secunia.com/advisories/29245

http://secunia.com/advisories/30818

http://www.mandriva.com/security/advisories?name=MDVSA-2008:044

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html

http://secunia.com/advisories/28889

http://secunia.com/advisories/28835

http://secunia.com/advisories/28896

http://www.securityfocus.com/bid/27704

http://www.vupen.com/english/advisories/2008/0487/references

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html