Linux : Security Vulnerabilities, CVEs, Published In February 2008
The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-02-12
Updated
2023-02-13
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
Max CVSS
4.4
EPSS Score
0.04%
Published
2008-02-12
Updated
2017-08-08
The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-02-12
Updated
2018-10-15
The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-02-12
Updated
2018-10-15
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-02-08
Updated
2018-10-15
5 vulnerabilities found