CVE Reference: CVE-2008-4410

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-4410

Description:
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/45687

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html

SAID
  Secunia Advisory: SA32124
  Secunia Advisory: SA32386

OSVDB
  48743

MLIST
  http://www.openwall.com/lists/oss-security/2008/10/03/3

FEDORA

CONFIRM
  http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=de59985e3a623d4d5d6207f1777398ca0606ab1c

BID
  31565


Return to the previous page.