CVE-2008-0600 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0600
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0600

Description: The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-577-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html ST 1019393 SAID Secunia Advisory: SA28933 Secunia Advisory: SA28925 Secunia Advisory: SA28912 Secunia Advisory: SA28835 Secunia Advisory: SA28858 Secunia Advisory: SA28875 Secunia Advisory: SA28896 Secunia Advisory: SA28889 Secunia Advisory: SA28937 Secunia Advisory: SA29245 Secunia Advisory: SA30818 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0129.html MLIST http://marc.info/?l=linux-kernel&m=120266353621139&w=2 http://marc.info/?l=linux-kernel&m=120266328220808&w=2 http://marc.info/?l=linux-kernel&m=120264520431307&w=2 http://marc.info/?l=linux-kernel&m=120263652322197&w=2 http://marc.info/?l=linux-kernel&m=120264773202422&w=2 MILW0RM http://www.milw0rm.com/exploits/5092 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:043 http://www.mandriva.com/security/advisories?name=MDVSA-2008:044 FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1494 CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0052 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/488009/100/0/threaded BID 27801 27704

Return to the previous page.