[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-5079Date: (C)2008-12-08   (M)2024-02-22


net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1021360
http://www.securityfocus.com/archive/1/498943/100/0/threaded
http://www.securityfocus.com/archive/1/499044/100/0/threaded
BID-32676
SECUNIA-32913
SECUNIA-33083
SECUNIA-33348
SECUNIA-33623
SECUNIA-33641
SECUNIA-33704
SECUNIA-33706
SECUNIA-33756
SECUNIA-33854
SECUNIA-34981
SREASON-4694
DSA-1787
FEDORA-2008-11618
MDVSA-2009:032
RHSA-2009:0053
RHSA-2009:0225
SUSE-SA:2009:004
SUSE-SA:2009:008
SUSE-SA:2009:010
USN-714-1
USN-715-1
http://marc.info/?l=linux-netdev&m=122841256115780&w=2
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0332
https://issues.rpath.com/browse/RPL-2915
oval:org.mitre.oval:def:11288

CPE    82
cpe:/o:linux:linux_kernel:2.6.18
cpe:/o:linux:linux_kernel:2.6.20.19
cpe:/o:linux:linux_kernel:2.6.23.9
cpe:/o:linux:linux_kernel:2.6.20.16
...
CWE    1
CWE-399
OVAL    22
oval:org.mitre.oval:def:8144
oval:org.secpod.oval:def:500617
oval:org.secpod.oval:def:400099
oval:org.secpod.oval:def:400061
...

© SecPod Technologies