CVE-2008-0007 - OpenCVE

Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
kernel-0:2.4.18-e.67	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2008:0787	2009-01-05T00:00:00Z
kernel-0:2.4.9-e.74	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2009:0001	2009-01-08T00:00:00Z
Red Hat Enterprise Linux 3
kernel-0:2.4.21-57.EL	cpe:/o:redhat:enterprise_linux:3	RHSA-2008:0211	2008-05-07T00:00:00Z
Red Hat Enterprise Linux 4
kernel-0:2.6.9-67.0.15.EL	cpe:/o:redhat:enterprise_linux:4	RHSA-2008:0237	2008-05-07T00:00:00Z
Red Hat Enterprise Linux 5
kernel-0:2.6.18-53.1.19.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2008:0233	2008-05-07T00:00:00Z

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
http://lkml.org/lkml/2008/2/6/457
http://secunia.com/advisories/28806
http://secunia.com/advisories/28826
http://secunia.com/advisories/29058
http://secunia.com/advisories/29570
http://secunia.com/advisories/30018
http://secunia.com/advisories/30110
http://secunia.com/advisories/30112
http://secunia.com/advisories/30116
http://secunia.com/advisories/30769
http://secunia.com/advisories/31246
http://secunia.com/advisories/33280
http://securitytracker.com/id?1019357
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048
http://www.debian.org/security/2008/dsa-1503
http://www.debian.org/security/2008/dsa-1504
http://www.debian.org/security/2008/dsa-1565
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.17
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
http://www.mandriva.com/security/advisories?name=MDVSA-2008:072
http://www.mandriva.com/security/advisories?name=MDVSA-2008:112
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
http://www.redhat.com/support/errata/RHSA-2008-0211.html
http://www.redhat.com/support/errata/RHSA-2008-0233.html
http://www.redhat.com/support/errata/RHSA-2008-0237.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
http://www.securityfocus.com/archive/1/487808/100/0/threaded
http://www.securityfocus.com/bid/27686
http://www.securityfocus.com/bid/27705
http://www.ubuntu.com/usn/usn-618-1
http://www.vupen.com/english/advisories/2008/0445/references
http://www.vupen.com/english/advisories/2008/2222/references
https://nvd.nist.gov/vuln/detail/CVE-2008-0007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9412
https://www.cve.org/CVERecord?id=CVE-2008-0007

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2008-02-08T01:00:00

Updated: 2024-08-07T07:32:23.652Z

Reserved: 2007-12-03T00:00:00

Link: CVE-2008-0007

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-02-08T02:00:00.000

Modified: 2018-10-15T21:56:58.073

Link: CVE-2008-0007

Redhat

Severity : Important

Publid Date: 2008-02-08T00:00:00Z

Links: CVE-2008-0007 - Bugzilla

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object