CVE-2008-5029

Properties

Published:

09.11.2008

Updated:

29.01.2009

Patch available:

Severity:

Medium

CVSS vector:

(AV:L/AC:L/Au:N/C:N/I:N/A:C)

Product:

linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel
linux: kernel

Vulnerability description

The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.

References:

BID: http://www.securityfocus.com/bid/32154
CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=470201
UBUNTU: http://www.ubuntu.com/usn/usn-679-1
SECTRACK: http://www.securitytracker.com/id?1021511
SECTRACK: http://www.securitytracker.com/id?1021292
BID: http://www.securityfocus.com/bid/33079
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/499700/100/0/threaded
REDHAT: http://www.redhat.com/support/errata/RHSA-2009-0225.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2009-0009.html
MLIST: http://www.openwall.com/lists/oss-security/2008/11/06/1
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDVSA-2008:234
DEBIAN: http://www.debian.org/security/2008/dsa-1687
DEBIAN: http://www.debian.org/security/2008/dsa-1681
SREASON: http://securityreason.com/securityalert/4573
SECUNIA: http://secunia.com/advisories/33623
SECUNIA: http://secunia.com/advisories/33586
SECUNIA: http://secunia.com/advisories/33180
SECUNIA: http://secunia.com/advisories/32998
SECUNIA: http://secunia.com/advisories/32918
MLIST: http://marc.info/?l=linux-netdev&m=122593044330973&w=2
SUSE: http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html
MISC: http://darkircop.org/unix.c

Vulnerabilities

10.06.2016

CVE-2016-5233

Huawei Mate 8 smartphones with software NXT-AL10 before NXT-AL10C00B182, NXT-CL00 before NXT-CL00C92B182, NXT-DL00 before NXT-DL00C17B182, and NXT-TL00 before NXT-TL00C01B182 allow remote base stations to obtain sensitive subscriber signal strength information via vectors involving improper security status verification, aka HWPSIRT-2015-12007.

10.06.2016

CVE-2016-5118

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

10.06.2016

CVE-2016-4429

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.

10.06.2016

CVE-2016-3720

XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.

10.06.2016

CVE-2016-3706

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.

10.06.2016

CVE-2016-3085

Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin.