[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1675Date: (C)2008-05-02   (M)2023-12-22


The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1019960
http://www.securityfocus.com/archive/1/491566/100/0/threaded
http://www.securityfocus.com/archive/1/491732/100/0/threaded
BID-29014
SECUNIA-30017
SECUNIA-30044
SECUNIA-30260
SECUNIA-30515
ADV-2008-1406
FEDORA-2008-3873
MDVSA-2008:109
MDVSA-2008:167
USN-614-1
http://marc.info/?l=linux-kernel&m=120949582428998&w=2
http://marc.info/?l=linux-kernel&m=120949204519706&w=2
http://marc.info/?l=linux-kernel&m=120949204619718&w=2
http://wiki.rpath.com/Advisories:rPSA-2008-0157
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
https://issues.rpath.com/browse/RPL-2501
linux-kernel-tehuti-bo(42132)

CPE    221
cpe:/o:linux:linux_kernel:2.6.20.19
cpe:/o:linux:linux_kernel:2.6.23.1
cpe:/o:linux:linux_kernel:2.6.23.2
cpe:/o:linux:linux_kernel:2.6.23.3
...
CWE    1
CWE-399
OVAL    2
oval:org.secpod.oval:def:301349
oval:org.secpod.oval:def:301293

© SecPod Technologies