Vulnerability Details : CVE-2008-5393
UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes kernel support for mounting RAID arrays, which might allow remote attackers to bypass intended isolation mechanisms by (1) reading from or (2) writing to these arrays.
Exploit prediction scoring system (EPSS) score for CVE-2008-5393
Probability of exploitation activity in the next 30 days: 0.77%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 79 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-5393
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2008-5393
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-5393
-
Red Hat 2008-12-09Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG. It only affected the Ubuntu Privacy Remix (UPR) kernel.
- cpe:2.3:a:privacy-cd:unbuntu_privacy_remix:*:*:*:*:*:*:*:*