3.6

CVE-2008-2148

The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.22
LinuxLinux Kernel Version2.6.22.1
LinuxLinux Kernel Version2.6.22.2
LinuxLinux Kernel Version2.6.22.3
LinuxLinux Kernel Version2.6.22.4
LinuxLinux Kernel Version2.6.22.5
LinuxLinux Kernel Version2.6.22.6
LinuxLinux Kernel Version2.6.22.7
LinuxLinux Kernel Version2.6.22.8
LinuxLinux Kernel Version2.6.22.9
LinuxLinux Kernel Version2.6.22.10
LinuxLinux Kernel Version2.6.22.11
LinuxLinux Kernel Version2.6.22.12
LinuxLinux Kernel Version2.6.22.13
LinuxLinux Kernel Version2.6.22.14
LinuxLinux Kernel Version2.6.22.15
LinuxLinux Kernel Version2.6.22.16
LinuxLinux Kernel Version2.6.22.17
LinuxLinux Kernel Version2.6.22.18
LinuxLinux Kernel Version2.6.22.19
LinuxLinux Kernel Version2.6.22.20
LinuxLinux Kernel Version2.6.22.21
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.305
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.6 3.9 4.9
AV:L/AC:L/Au:N/C:N/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
http://secunia.com/advisories/30818
Vendor Advisory
http://secunia.com/advisories/31628
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0585.html
http://secunia.com/advisories/31107
Vendor Advisory
http://www.ubuntu.com/usn/usn-625-1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:167
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=f9dfda1ad0637a89a64d001cf81478bd8d9b6306
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
http://secunia.com/advisories/30198
Vendor Advisory
http://secunia.com/advisories/30241
Vendor Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0169
http://www.securityfocus.com/bid/29134
http://www.vupen.com/english/advisories/2008/1543/references
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42342