[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111818

 
 

909

 
 

87315

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2008-2812Date: (C)2008-07-08   (M)2018-05-10


The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-30076
SECUNIA-30982
SECUNIA-31048
SECUNIA-31202
SECUNIA-31229
SECUNIA-31341
SECUNIA-31551
SECUNIA-31614
SECUNIA-31685
SECUNIA-32103
SECUNIA-32370
SECUNIA-32759
SECUNIA-33201
ADV-2008-2063
DSA-1630
IAVM:2009-A-0105
RHSA-2008:0612
RHSA-2008:0665
RHSA-2008:0973
SUSE-SA:2008:035
SUSE-SA:2008:037
SUSE-SA:2008:038
SUSE-SA:2008:047
SUSE-SA:2008:049
SUSE-SA:2008:052
SUSE-SR:2008:025
USN-637-1
http://www.openwall.com/lists/oss-security/2008/07/03/2
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=2a739dd53ad7ee010ae6e155438507f329dce788
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10
http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm
kernel-tty-dos(43687)

CPE    613
cpe:/o:linux:linux_kernel:2.3.25
cpe:/o:linux:linux_kernel:2.4.27:pre5
cpe:/o:linux:linux_kernel:2.3.26
cpe:/o:linux:linux_kernel:2.4.27:pre4
...
CWE    1
CWE-20
OVAL    3
oval:org.mitre.oval:def:8183
oval:org.secpod.oval:def:202709
oval:org.secpod.oval:def:202701

© SecPod Technologies