CVE-2008-0010 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0010
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0010

Description: The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.

CVE Status: Candidate

References: SAID Secunia Advisory: SA28835 Secunia Advisory: SA28875 Secunia Advisory: SA28896 MISC http://isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt MILW0RM http://www.milw0rm.com/exploits/5093 FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1494 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/487982/100/0/threaded BID 27704 27796

Return to the previous page.