7.2 - RHSA-2008:0129

Executive Summary

Summary
Title	kernel security update

Informations
Name	RHSA-2008:0129	First vendor Publication	2008-02-12
Vendor	RedHat	Last vendor Modification	2008-02-12
Severity (Vendor)	Important	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	7.2	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600)

Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

432251 - CVE-2008-0600 kernel vmsplice_to_pipe flaw

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2008-0129.html

CAPEC : Common Attack Pattern Enumeration & Classification

Id	Name
CAPEC-3	Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7	Blind SQL Injection
CAPEC-8	Buffer Overflow in an API Call
CAPEC-9	Buffer Overflow in Local Command-Line Utilities
CAPEC-10	Buffer Overflow via Environment Variables
CAPEC-13	Subverting Environment Variable Values
CAPEC-14	Client-side Injection-induced Buffer Overflow
CAPEC-18	Embedding Scripts in Nonscript Elements
CAPEC-22	Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24	Filter Failure through Buffer Overflow
CAPEC-28	Fuzzing
CAPEC-31	Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32	Embedding Scripts in HTTP Query Strings
CAPEC-42	MIME Conversion
CAPEC-43	Exploiting Multiple Input Interpretation Layers
CAPEC-45	Buffer Overflow via Symbolic Links
CAPEC-46	Overflow Variables and Tags
CAPEC-47	Buffer Overflow via Parameter Expansion
CAPEC-52	Embedding NULL Bytes
CAPEC-53	Postfix, Null Terminate, and Backslash
CAPEC-63	Simple Script Injection
CAPEC-64	Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66	SQL Injection
CAPEC-67	String Format Overflow in syslog()
CAPEC-71	Using Unicode Encoding to Bypass Validation Logic
CAPEC-72	URL Encoding
CAPEC-73	User-Controlled Filename
CAPEC-78	Using Escaped Slashes in Alternate Encoding
CAPEC-79	Using Slashes in Alternate Encoding
CAPEC-80	Using UTF-8 Encoding to Bypass Validation Logic
CAPEC-81	Web Logs Tampering
CAPEC-83	XPath Injection
CAPEC-85	Client Network Footprinting (using AJAX/XSS)
CAPEC-86	Embedding Script (XSS ) in HTTP Headers
CAPEC-88	OS Command Injection
CAPEC-91	XSS in IMG Tags
CAPEC-99	XML Parser Attack
CAPEC-101	Server Side Include (SSI) Injection
CAPEC-104	Cross Zone Scripting
CAPEC-106	Cross Site Scripting through Log Files
CAPEC-108	Command Line Execution through SQL Injection
CAPEC-109	Object Relational Mapping Injection
CAPEC-110	SQL Injection through SOAP Parameter Tampering
CAPEC-171	Variable Manipulation

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11358

Oval ID:	oval:org.mitre.oval:def:11358
Title:	The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Description:	The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-0600	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section kernel-kdump is earlier than 0:2.6.18-53.1.13.el5 AND kernel-debug is earlier than 0:2.6.18-53.1.13.el5 AND kernel-xen is earlier than 0:2.6.18-53.1.13.el5 AND kernel-headers is earlier than 0:2.6.18-53.1.13.el5 AND kernel-kdump-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-xen-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-PAE-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-PAE is earlier than 0:2.6.18-53.1.13.el5 AND kernel-debug-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-doc is earlier than 0:2.6.18-53.1.13.el5

Definition Id: oval:org.mitre.oval:def:17497

Oval ID:	oval:org.mitre.oval:def:17497
Title:	USN-577-1 -- linux-source-2.6.17/20/22 vulnerability
Description:	Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers.
Family:	unix	Class:	patch
Reference(s):	USN-577-1 CVE-2008-0600	Version:	7
Platform(s):	Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10	Product(s):	linux-source-2.6.17 linux-source-2.6.20 linux-source-2.6.22
Definition Synopsis:
Release section Ubuntu 6.10 is installed Packages match section linux-image-2.6.17-12-386 DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-generic DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-hppa32 DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-hppa64 DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-itanium DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-mckinley DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-powerpc DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-powerpc-smp DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-powerpc64-smp DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-server DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-server-bigiron DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-sparc64 DPKG is earlier than 2.6.17.1-12.44 AND linux-image-2.6.17-12-sparc64-smp DPKG is earlier than 2.6.17.1-12.44 AND Release section Ubuntu 7.04 is installed Packages match section linux-image-2.6.20-16-386 DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-generic DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-hppa32 DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-hppa64 DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-itanium DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-lowlatency DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-mckinley DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-powerpc DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-powerpc-smp DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-powerpc64-smp DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-server DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-server-bigiron DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-sparc64 DPKG is earlier than 2.6.20-16.35 AND linux-image-2.6.20-16-sparc64-smp DPKG is earlier than 2.6.20-16.35 AND Release section Ubuntu 7.10 is installed Packages match section linux-image-2.6.22-14-386 DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-cell DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-generic DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-hppa32 DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-hppa64 DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-itanium DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-lpia DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-lpiacompat DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-mckinley DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-powerpc DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-powerpc-smp DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-powerpc64-smp DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-rt DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-server DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-sparc64 DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-sparc64-smp DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-ume DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-virtual DPKG is earlier than 2.6.22-14.52 AND linux-image-2.6.22-14-xen DPKG is earlier than 2.6.22-14.52

Definition Id: oval:org.mitre.oval:def:22451

Oval ID:	oval:org.mitre.oval:def:22451
Title:	ELSA-2008:0129: kernel security update (Important)
Description:	The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0129-01 CVE-2008-0600	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	kernel
Definition Synopsis:
Oracle Linux 5.x rpm test kernel-headers is earlier than 0:2.6.18-53.1.13.el5 AND kernel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-doc is earlier than 0:2.6.18-53.1.13.el5 AND kernel-PAE-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-debug is earlier than 0:2.6.18-53.1.13.el5 AND kernel-kdump is earlier than 0:2.6.18-53.1.13.el5 AND kernel-xen-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-debug-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-PAE is earlier than 0:2.6.18-53.1.13.el5 AND kernel-kdump-devel is earlier than 0:2.6.18-53.1.13.el5 AND kernel-xen is earlier than 0:2.6.18-53.1.13.el5

Definition Id: oval:org.mitre.oval:def:7882

Oval ID:	oval:org.mitre.oval:def:7882
Title:	DSA-1494 linux-2.6 -- missing access checks
Description:	The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges (CVE-2008-0010, CVE-2008-0600). In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers (CVE-2008-0163). The old stable distribution (sarge) is not affected by this problem.
Family:	unix	Class:	patch
Reference(s):	DSA-1494 CVE-2008-0010 CVE-2008-0163 CVE-2008-0600	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	linux-2.6
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section linux-support-2.6.18-6 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-patch-debian-2.6.18 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-source-2.6.18 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-manual-2.6.18 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-tree-2.6.18 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-doc-2.6.18 is earlier than 2.6.18.dfsg.1-18etch1 OR Architecture dependent section Installed architecture is s390 AND Packages section linux-headers-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-s390-tape is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-all-s390 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-18etch1 OR Architecture dependent section Installed architecture is amd64 AND Packages section linux-image-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND fai-kernels is earlier than 1.17+etch.18etch1 AND linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-18etch1 AND xen-linux-system-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-modules-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND xen-linux-system-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-xen is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-all-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-modules-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-xen-vserver is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-18etch1 OR Supported platform section Installed architecture is hppa AND Packages section linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-all-hppa is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-headers-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-18etch1 AND linux-image-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-18etch1

CPE : Common Platform Enumeration

Type	Description	Count
Os	Linux Linux Kernel cpe:2.3:o:linux:linux_kernel:2.6.24.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.24:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.23.9:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.7:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.6:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.5:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.14:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.23:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.22.7:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22.6:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22.5:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22.16:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:::::: cpe:2.3:o:linux:linux_kernel:2.6.22:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.21.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.21.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.21.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.21.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.21:git1:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:git4:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:git5:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:git6:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:git3:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:git7:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:git2:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:::::: cpe:2.3:o:linux:linux_kernel:2.6.20.9:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.8:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.7:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.6:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.5:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.15:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.14:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.13:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.12:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.11:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.10:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.20:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.20:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.19.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.19.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.19.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.19:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.18.8:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.7:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.6:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.5:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.18:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.17.9:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.8:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.7:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.6:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.5:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.4:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.3:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.2:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.14:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.13:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.12:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.11:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.10:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17.1:::::::* cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:::::: cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:::::: cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.17:-::::::	104

OpenVAS Exploits

Date	Description
2009-04-09	Name : Mandriva Update for kernel MDVSA-2008:044 (kernel) File : nvt/gb_mandriva_MDVSA_2008_044.nasl
2009-04-09	Name : Mandriva Update for kernel MDVSA-2008:043 (kernel) File : nvt/gb_mandriva_MDVSA_2008_043.nasl
2009-03-23	Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerability USN-577-1 File : nvt/gb_ubuntu_USN_577_1.nasl
2009-03-06	Name : RedHat Update for kernel RHSA-2008:0129-01 File : nvt/gb_RHSA-2008_0129-01_kernel.nasl
2009-02-27	Name : CentOS Update for kernel CESA-2008:0129 centos5 i386 File : nvt/gb_CESA-2008_0129_kernel_centos5_i386.nasl
2009-02-27	Name : CentOS Update for kernel CESA-2008:0129 centos5 x86_64 File : nvt/gb_CESA-2008_0129_kernel_centos5_x86_64.nasl
2009-02-17	Name : Fedora Update for kernel FEDORA-2008-5454 File : nvt/gb_fedora_2008_5454_kernel_fc8.nasl
2009-02-17	Name : Fedora Update for kernel FEDORA-2008-4043 File : nvt/gb_fedora_2008_4043_kernel_fc7.nasl
2009-02-17	Name : Fedora Update for kernel FEDORA-2008-3873 File : nvt/gb_fedora_2008_3873_kernel_fc8.nasl
2009-02-16	Name : Fedora Update for kernel-xen-2.6 FEDORA-2008-1629 File : nvt/gb_fedora_2008_1629_kernel-xen-2.6_fc7.nasl
2009-02-16	Name : Fedora Update for kernel-xen-2.6 FEDORA-2008-1433 File : nvt/gb_fedora_2008_1433_kernel-xen-2.6_fc8.nasl
2009-02-16	Name : Fedora Update for kernel FEDORA-2008-1423 File : nvt/gb_fedora_2008_1423_kernel_fc8.nasl
2009-02-16	Name : Fedora Update for kernel FEDORA-2008-1422 File : nvt/gb_fedora_2008_1422_kernel_fc7.nasl
2009-01-23	Name : SuSE Update for kernel SUSE-SA:2008:007 File : nvt/gb_suse_2008_007.nasl
2009-01-23	Name : SuSE Update for kernel-rt SUSE-SA:2008:013 File : nvt/gb_suse_2008_013.nasl
2009-01-23	Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl
2008-02-15	Name : Debian Security Advisory DSA 1494-1 (linux-2.6) File : nvt/deb_1494_1.nasl
2008-02-15	Name : Debian Security Advisory DSA 1494-2 (linux-2.6) File : nvt/deb_1494_2.nasl
0000-00-00	Name : Slackware Advisory SSA:2008-042-01 kernel exploit fix File : nvt/esoft_slk_ssa_2008_042_01.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
41853	Linux Kernel vmsplice_to_pipe Function vmsplice System Call Local Privilege E... Linux kernel prior to version 2.6.24.2 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The vulnerability exists because the "vmsplice_to_pipe" function does not properly validate user supplied input.

Nessus® Vulnerability Scanner

Date	Description
2014-11-26	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2002.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0129.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080212_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-044.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-043.nasl - Type : ACT_GATHER_INFO
2008-06-24	Name : The remote openSUSE host is missing a security update. File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote Fedora host is missing a security update. File : fedora_2008-1433.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote Fedora host is missing a security update. File : fedora_2008-1629.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0129.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote openSUSE host is missing a security update. File : suse_kernel-4986.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote openSUSE host is missing a security update. File : suse_kernel-4987.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-577-1.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0129.nasl - Type : ACT_GATHER_INFO
2008-02-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-1423.nasl - Type : ACT_GATHER_INFO
2008-02-12	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-042-01.nasl - Type : ACT_GATHER_INFO
2008-02-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-1422.nasl - Type : ACT_GATHER_INFO
2008-02-12	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1494.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:51:25	Multiple Updates

Global Informations

Type	Count
Capec ID(s)	44
CWE ID(s)	2
Oval ID(s)	4
CPE ID(s)	104
osvdb(s)	1
Openvas Exploit(s)	19
Nessus® Exploit(s)	17

	Related
7.2	CVE-2008-0600
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

7.2 - RHSA-2008:0129

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CAPEC : Common Attack Pattern Enumeration & Classification

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU