CVE-2008-5029 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5029
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5029

Description: The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-679-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html ST 1021292 1021511 SREASON http://securityreason.com/securityalert/4573 SAID Secunia Advisory: SA33704 Secunia Advisory: SA33641 Secunia Advisory: SA33586 Secunia Advisory: SA32998 Secunia Advisory: SA33180 Secunia Advisory: SA33623 Secunia Advisory: SA32918 Secunia Advisory: SA33556 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0225.html http://www.redhat.com/support/errata/RHSA-2009-0014.html http://www.redhat.com/support/errata/RHSA-2009-0009.html MLIST http://www.openwall.com/lists/oss-security/2008/11/06/1 http://marc.info/?l=linux-netdev&m=122593044330973&w=2 MISC http://darkircop.org/unix.c MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:234 DEBIAN http://www.debian.org/security/2008/dsa-1687 http://www.debian.org/security/2008/dsa-1681 CONFIRM BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/499700/100/0/threaded BID 32154 33079

Return to the previous page.