Description
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
Published: 2008-01-15
Score: 3.6 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-1479-1 New Linux 2.6.18 packages fix several vulnerabilities
EUVD EUVD EUVD-2008-0015 VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
Ubuntu USN Ubuntu USN USN-574-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-578-1 Linux kernel vulnerabilities
References
Link Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=974a9f0b47da74e28f68b9c8645c3786aa5ace1a cve-icon cve-icon
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.16 cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2008-0055.html cve-icon cve-icon
http://secunia.com/advisories/28485 cve-icon cve-icon
http://secunia.com/advisories/28558 cve-icon cve-icon
http://secunia.com/advisories/28626 cve-icon cve-icon
http://secunia.com/advisories/28628 cve-icon cve-icon
http://secunia.com/advisories/28643 cve-icon cve-icon
http://secunia.com/advisories/28664 cve-icon cve-icon
http://secunia.com/advisories/28706 cve-icon cve-icon
http://secunia.com/advisories/28748 cve-icon cve-icon
http://secunia.com/advisories/28806 cve-icon cve-icon
http://secunia.com/advisories/28971 cve-icon cve-icon
http://secunia.com/advisories/29245 cve-icon cve-icon
http://securitytracker.com/id?1019289 cve-icon cve-icon
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0021 cve-icon cve-icon
http://www.debian.org/security/2008/dsa-1479 cve-icon cve-icon
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.14 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2008:112 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2008-0089.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/486485/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/27280 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-574-1 cve-icon cve-icon
http://www.ubuntu.com/usn/usn-578-1 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0151 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/39672 cve-icon cve-icon
https://issues.rpath.com/browse/RPL-2146 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2008-0001 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9709 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2008-0001 cve-icon
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00828.html cve-icon cve-icon
History

No history.

Subscriptions

Linux Linux Kernel
Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-07T07:32:24.151Z

Reserved: 2007-12-03T00:00:00.000Z

Link: CVE-2008-0001

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2008-01-15T20:00:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-0001

cve-icon Redhat

Severity : Important

Publid Date: 2008-01-12T00:00:00Z

Links: CVE-2008-0001 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses