Linux : Security Vulnerabilities, CVEs, Published In February 2008

CVE-2008-0600

The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-02-12
Updated
2023-02-13

CVE-2008-0163

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
Max CVSS
4.4
EPSS Score
0.04%
Published
2008-02-12
Updated
2017-08-08

CVE-2008-0010

The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-02-12
Updated
2018-10-15

CVE-2008-0009

The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-02-12
Updated
2018-10-15

CVE-2008-0007

Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-02-08
Updated
2018-10-15
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close