CVE-2008-3247

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-3247
The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=74454a6a286bfce4bb23d89bd465f856fa6a6e19
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html Patch
http://secunia.com/advisories/31172
http://secunia.com/advisories/31202
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.11
http://www.securityfocus.com/bid/30351
http://www.securitytracker.com/id?1020544
https://exchange.xforce.ibmcloud.com/vulnerabilities/43979
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:2.6.25:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:x86_64:*:*:*:*:*
History

07 Nov 2023, 02:02

Type Values Removed Values Added
References
  • {'url': 'http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=74454a6a286bfce4bb23d89bd465f856fa6a6e19', 'name': 'http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commit;h=74454a6a286bfce4bb23d89bd465f856fa6a6e19', 'tags': [], 'refsource': 'CONFIRM'}
  • () http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=74454a6a286bfce4bb23d89bd465f856fa6a6e19 -
Information

Published : 2008-07-24 15:41

Updated : 2023-12-10 10:51

NVD link : CVE-2008-3247

Mitre link : CVE-2008-3247

CVE.ORG link : CVE-2008-3247

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer