[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-2812

Date: (C)2008-07-08   (M)2017-10-04
 
CVSS Score: 7.2Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

Reference:
BID-30076
SECUNIA-30982
SECUNIA-31048
SECUNIA-31202
SECUNIA-31229
SECUNIA-31341
SECUNIA-31551
SECUNIA-31614
SECUNIA-31685
SECUNIA-32103
SECUNIA-32370
SECUNIA-32759
SECUNIA-33201
ADV-2008-2063
DSA-1630
IAVM:2009-A-0105
RHSA-2008:0612
RHSA-2008:0665
RHSA-2008:0973
SUSE-SA:2008:035
SUSE-SA:2008:037
SUSE-SA:2008:038
SUSE-SA:2008:047
SUSE-SA:2008:049
SUSE-SA:2008:052
SUSE-SR:2008:025
USN-637-1
http://www.openwall.com/lists/oss-security/2008/07/03/2
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=2a739dd53ad7ee010ae6e155438507f329dce788
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10
http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm
kernel-tty-dos(43687)

CPE    613
cpe:/o:linux:linux_kernel:2.3.25
cpe:/o:linux:linux_kernel:2.3.26
cpe:/o:linux:linux_kernel:2.3.23
cpe:/o:linux:linux_kernel:2.3.24
...
CWE    1
CWE-20
OVAL    3
oval:org.mitre.oval:def:8183
oval:org.secpod.oval:def:202709
oval:org.secpod.oval:def:202701

© 2013 SecPod Technologies