4.9 - CVE-2008-5300

Executive Summary

Informations
Name	CVE-2008-5300	First vendor Publication	2008-12-01
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score	4.9	Attack Range	Local
Cvss Impact Score	6.9	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-399	Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10283

Oval ID:	oval:org.mitre.oval:def:10283
Title:	Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Description:	Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-5300	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-63.EL AND kernel-unsupported is earlier than 0:2.4.21-63.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-63.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-63.EL AND kernel-hugemem is earlier than 0:2.4.21-63.EL AND kernel is earlier than 0:2.4.21-63.EL AND kernel-source is earlier than 0:2.4.21-63.EL AND kernel-doc is earlier than 0:2.4.21-63.EL AND kernel-smp is earlier than 0:2.4.21-63.EL OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kernel-xenU is earlier than 0:2.6.9-78.0.13.EL AND kernel-hugemem is earlier than 0:2.6.9-78.0.13.EL AND kernel-hugemem-devel is earlier than 0:2.6.9-78.0.13.EL AND kernel-xenU-devel is earlier than 0:2.6.9-78.0.13.EL AND kernel-smp-devel is earlier than 0:2.6.9-78.0.13.EL AND kernel-largesmp-devel is earlier than 0:2.6.9-78.0.13.EL AND kernel is earlier than 0:2.6.9-78.0.13.EL AND kernel-devel is earlier than 0:2.6.9-78.0.13.EL AND kernel-doc is earlier than 0:2.6.9-78.0.13.EL AND kernel-largesmp is earlier than 0:2.6.9-78.0.13.EL AND kernel-smp is earlier than 0:2.6.9-78.0.13.EL OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section kernel-kdump is earlier than 0:2.6.18-128.el5 AND kernel-debug is earlier than 0:2.6.18-128.el5 AND kernel-xen is earlier than 0:2.6.18-128.el5 AND kernel-headers is earlier than 0:2.6.18-128.el5 AND kernel-kdump-devel is earlier than 0:2.6.18-128.el5 AND kernel-xen-devel is earlier than 0:2.6.18-128.el5 AND kernel is earlier than 0:2.6.18-128.el5 AND kernel-PAE-devel is earlier than 0:2.6.18-128.el5 AND kernel-devel is earlier than 0:2.6.18-128.el5 AND kernel-PAE is earlier than 0:2.6.18-128.el5 AND kernel-debug-devel is earlier than 0:2.6.18-128.el5 AND kernel-doc is earlier than 0:2.6.18-128.el5

Definition Id: oval:org.mitre.oval:def:11427

Oval ID:	oval:org.mitre.oval:def:11427
Title:	Service Console update for COS kernel
Description:	Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-5300	Version:	3
Platform(s):	VMWare ESX Server 3.5	Product(s):
Definition Synopsis:
VMware ESX Server 3.5.0 is installed AND Patch ESX350-201006401-SG is not installed

Definition Id: oval:org.mitre.oval:def:19922

Oval ID:	oval:org.mitre.oval:def:19922
Title:	DSA-1681-1 linux-2.6.24 - several vulnerabilities
Description:	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
Family:	unix	Class:	patch
Reference(s):	DSA-1681-1 CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4618 CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029 CVE-2008-5134 CVE-2008-5182 CVE-2008-5300	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	linux-2.6.24
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND linux-2.6.24 DPKG is earlier than 0:2.6.24-6~etchnhalf.7

Definition Id: oval:org.mitre.oval:def:19979

Oval ID:	oval:org.mitre.oval:def:19979
Title:	DSA-1687-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
Description:	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
Family:	unix	Class:	patch
Reference(s):	DSA-1687-1 CVE-2008-3527 CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029 CVE-2008-5079 CVE-2008-5182 CVE-2008-5300	Version:	7
Platform(s):	Debian GNU/Linux 4.0	Product(s):	fai-kernels linux-2.6 user-mode-linux
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Packages match section fai-kernels DPKG is earlier than 0:1.17+etch.23etch1 AND linux-2.6 DPKG is earlier than 0:2.6.18.dfsg.1-23etch1 AND user-mode-linux DPKG is earlier than 0:2.6.18-1um-2etch.23etch1

Definition Id: oval:org.mitre.oval:def:21793

Oval ID:	oval:org.mitre.oval:def:21793
Title:	ELSA-2009:0225: Oracle Linux 5.x.3 kernel security and bug fix update (Important)
Description:	Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:0225-03 CVE-2008-5029 CVE-2008-5079 CVE-2008-5182 CVE-2008-5300	Version:	21
Platform(s):	Oracle Linux 5	Product(s):	kernel
Definition Synopsis:
Oracle Linux 5.x rpm test kernel-headers is earlier than 0:2.6.18-128.el5 AND kernel is earlier than 0:2.6.18-128.el5 AND kernel-doc is earlier than 0:2.6.18-128.el5 AND kernel-PAE-devel is earlier than 0:2.6.18-128.el5 AND kernel-devel is earlier than 0:2.6.18-128.el5 AND kernel-debug is earlier than 0:2.6.18-128.el5 AND kernel-kdump is earlier than 0:2.6.18-128.el5 AND kernel-xen-devel is earlier than 0:2.6.18-128.el5 AND kernel-debug-devel is earlier than 0:2.6.18-128.el5 AND kernel-PAE is earlier than 0:2.6.18-128.el5 AND kernel-kdump-devel is earlier than 0:2.6.18-128.el5 AND kernel-xen is earlier than 0:2.6.18-128.el5

Definition Id: oval:org.mitre.oval:def:29343

Oval ID:	oval:org.mitre.oval:def:29343
Title:	RHSA-2009:0225 -- Red Hat Enterprise Linux 5.3 kernel security and bug fix update (Important)
Description:	Updated kernel packages that fix three security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the third regular update. This update has been rated as having important security impact by the Red Hat Security Response Team.
Family:	unix	Class:	patch
Reference(s):	RHSA-2009:0225 CVE-2008-5029 CVE-2008-5079 CVE-2008-5182 CVE-2008-5300	Version:	3
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	kernel
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 Packages match section kernel is earlier than 0:2.6.18-128.el5 AND kernel-PAE is earlier than 0:2.6.18-128.el5 AND kernel-PAE-devel is earlier than 0:2.6.18-128.el5 AND kernel-debug is earlier than 0:2.6.18-128.el5 AND kernel-debug-devel is earlier than 0:2.6.18-128.el5 AND kernel-devel is earlier than 0:2.6.18-128.el5 AND kernel-doc is earlier than 0:2.6.18-128.el5 AND kernel-headers is earlier than 0:2.6.18-128.el5 AND kernel-xen is earlier than 0:2.6.18-128.el5 AND kernel-xen-devel is earlier than 0:2.6.18-128.el5

Definition Id: oval:org.mitre.oval:def:7980

Oval ID:	oval:org.mitre.oval:def:7980
Title:	DSA-1681 linux-2.6.24 -- denial of service/privilege escalation
Description:	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. Wei Yongjun reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel panic. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. Johannes Berg reported a remote DoS issue in the libertas wireless driver, which can be triggered by a specially crafted beacon/probe response. Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
Family:	unix	Class:	patch
Reference(s):	DSA-1681 CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4618 CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029 CVE-2008-5134 CVE-2008-5182 CVE-2008-5300	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	linux-2.6.24
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section linux-patch-debian-2.6.24 is earlier than 2.6.24-6~etchnhalf.7 AND linux-support-2.6.24-etchnhalf.1 is earlier than 2.6.24-6~etchnhalf.7 AND linux-doc-2.6.24 is earlier than 2.6.24-6~etchnhalf.7 AND linux-tree-2.6.24 is earlier than 2.6.24-6~etchnhalf.7 AND linux-source-2.6.24 is earlier than 2.6.24-6~etchnhalf.7 AND linux-manual-2.6.24 is earlier than 2.6.24-6~etchnhalf.7 OR Architecture dependent section Installed architecture is s390 AND Packages section linux-image-2.6.24-etchnhalf.1-s390x is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-s390 is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-all-s390 is earlier than 2.6.24-6~etchnhalf.7 AND linux-image-2.6.24-etchnhalf.1-s390 is earlier than 2.6.24-6~etchnhalf.7 AND linux-image-2.6.24-etchnhalf.1-s390-tape is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-all is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-common is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-s390x is earlier than 2.6.24-6~etchnhalf.7 OR Architecture dependent section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Packages section linux-headers-2.6.24-etchnhalf.1-amd64 is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-common is earlier than 2.6.24-6~etchnhalf.7 AND linux-image-2.6.24-etchnhalf.1-amd64 is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-all is earlier than 2.6.24-6~etchnhalf.7 OR Supported platform section Installed architecture is hppa AND Packages section linux-image-2.6.24-etchnhalf.1-parisc64 is earlier than 2.6.24-6~etchnhalf.7 AND linux-image-2.6.24-etchnhalf.1-parisc-smp is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-parisc-smp is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-parisc64 is earlier than 2.6.24-6~etchnhalf.7 AND linux-image-2.6.24-etchnhalf.1-parisc is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-all-hppa is earlier than 2.6.24-6~etchnhalf.7 AND linux-image-2.6.24-etchnhalf.1-parisc64-smp is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-parisc64-smp is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-all is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-common is earlier than 2.6.24-6~etchnhalf.7 AND linux-headers-2.6.24-etchnhalf.1-parisc is earlier than 2.6.24-6~etchnhalf.7

Definition Id: oval:org.mitre.oval:def:8144

Oval ID:	oval:org.mitre.oval:def:8144
Title:	DSA-1687 linux-2.6 -- denial of service/privilege escalation
Description:	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Tavis Ormandy reported a local DoS and potential privilege escalation in the Virtual Dynamic Shared Objects (vDSO) implementation. Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc. Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
Family:	unix	Class:	patch
Reference(s):	DSA-1687 CVE-2008-3527 CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029 CVE-2008-5079 CVE-2008-5182 CVE-2008-5300	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	linux-2.6
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section linux-support-2.6.18-6 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-patch-debian-2.6.18 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-source-2.6.18 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-manual-2.6.18 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-tree-2.6.18 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-doc-2.6.18 is earlier than 2.6.18.dfsg.1-23etch1 OR Architecture dependent section Installed architecture is s390 AND Packages section linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-s390-tape is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-all-s390 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-23etch1 OR Architecture dependent section Installed architecture is amd64 AND Packages section linux-image-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND fai-kernels is earlier than 1.17+etch.23etch1 AND linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-23etch1 AND xen-linux-system-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-modules-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND xen-linux-system-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-xen is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-modules-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-all-amd64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-xen-vserver is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-23etch1 OR Supported platform section Installed architecture is hppa AND Packages section linux-headers-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-all-hppa is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-23etch1 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-23etch1 AND linux-image-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-23etch1

CPE : Common Platform Enumeration

Type	Description	Count
Os	Linux Linux Kernel cpe:2.3:o:linux:linux_kernel:2.6.28:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.28:rc5:::::: cpe:2.3:o:linux:linux_kernel:2.6.28:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.28:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.28:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.28:rc1::::::	6

OpenVAS Exploits

Date	Description
2011-08-09	Name : CentOS Update for kernel CESA-2009:0014 centos4 i386 File : nvt/gb_CESA-2009_0014_kernel_centos4_i386.nasl
2011-08-09	Name : CentOS Update for kernel CESA-2009:1550 centos3 i386 File : nvt/gb_CESA-2009_1550_kernel_centos3_i386.nasl
2009-11-11	Name : RedHat Security Advisory RHSA-2009:1550 File : nvt/RHSA_2009_1550.nasl
2009-11-11	Name : CentOS Security Advisory CESA-2009:1550 (kernel) File : nvt/ovcesa2009_1550.nasl
2009-03-02	Name : RedHat Security Advisory RHSA-2009:0021 File : nvt/RHSA_2009_0021.nasl
2009-02-13	Name : Fedora Update for kernel FEDORA-2008-11593 File : nvt/gb_fedora_2008_11593_kernel_fc10.nasl
2009-02-13	Name : Fedora Update for kernel FEDORA-2008-11618 File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl
2009-02-10	Name : RedHat Security Advisory RHSA-2009:0053 File : nvt/RHSA_2009_0053.nasl
2009-02-02	Name : Mandrake Security Advisory MDVSA-2009:032 (kernel) File : nvt/mdksa_2009_032.nasl
2009-02-02	Name : Ubuntu USN-715-1 (linux) File : nvt/ubuntu_715_1.nasl
2009-01-20	Name : RedHat Security Advisory RHSA-2009:0014 File : nvt/RHSA_2009_0014.nasl
2009-01-20	Name : CentOS Security Advisory CESA-2009:0014 (kernel) File : nvt/ovcesa2009_0014.nasl
2009-01-20	Name : SuSE Security Advisory SUSE-SA:2009:003 (kernel-debug) File : nvt/suse_sa_2009_003.nasl
2008-12-23	Name : Debian Security Advisory DSA 1687-1 (linux-2.6) File : nvt/deb_1687_1.nasl
2008-12-10	Name : Debian Security Advisory DSA 1681-1 (linux-2.6.24) File : nvt/deb_1681_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
50272	Linux Kernel sendmsg() Socket Operation Garbage Collector Local DoS

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0021.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090114_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-06-28	Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0010.nasl - Type : ACT_GATHER_INFO
2010-01-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2009-11-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-090114.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-032.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Fedora host is missing a security update. File : fedora_2008-11593.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-714-1.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-715-1.nasl - Type : ACT_GATHER_INFO
2009-01-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0225.nasl - Type : ACT_GATHER_INFO
2009-01-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2008-12-26	Name : The remote Fedora host is missing a security update. File : fedora_2008-11618.nasl - Type : ACT_GATHER_INFO
2008-12-16	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1687.nasl - Type : ACT_GATHER_INFO
2008-12-05	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1681.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=473259
http://marc.info/?l=linux-netdev&m=122721862313564&w=2
http://marc.info/?l=linux-netdev&m=122765505415944&w=2
http://osvdb.org/50272
http://secunia.com/advisories/32913
http://secunia.com/advisories/32998
http://secunia.com/advisories/33083
http://secunia.com/advisories/33348
http://secunia.com/advisories/33556
http://secunia.com/advisories/33706
http://secunia.com/advisories/33756
http://secunia.com/advisories/33854
http://securityreason.com/securityalert/4673
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0332
http://www.debian.org/security/2008/dsa-1681
http://www.mandriva.com/security/advisories?name=MDVSA-2009:032
http://www.redhat.com/support/errata/RHSA-2009-0014.html
http://www.redhat.com/support/errata/RHSA-2009-0053.html
http://www.securityfocus.com/archive/1/499044/100/0/threaded
http://www.securityfocus.com/archive/1/512019/100/0/threaded
http://www.securityfocus.com/bid/32516
http://www.ubuntu.com/usn/usn-715-1
https://bugzilla.redhat.com/show_bug.cgi?id=470201
https://exchange.xforce.ibmcloud.com/vulnerabilities/46943
https://issues.rpath.com/browse/RPL-2915
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://rhn.redhat.com/errata/RHSA-2009-1550.html
https://usn.ubuntu.com/714-1/
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg0135...

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 23:12:53	Multiple Updates
2024-11-28 12:17:07	Multiple Updates
2024-08-02 12:10:14	Multiple Updates
2024-08-02 01:02:52	Multiple Updates
2024-02-02 01:09:47	Multiple Updates
2024-02-01 12:02:50	Multiple Updates
2023-09-05 12:09:08	Multiple Updates
2023-09-05 01:02:42	Multiple Updates
2023-09-02 12:09:14	Multiple Updates
2023-09-02 01:02:43	Multiple Updates
2023-08-12 12:10:51	Multiple Updates
2023-08-12 01:02:42	Multiple Updates
2023-08-11 12:09:17	Multiple Updates
2023-08-11 01:02:48	Multiple Updates
2023-08-06 12:08:54	Multiple Updates
2023-08-06 01:02:44	Multiple Updates
2023-08-04 12:08:59	Multiple Updates
2023-08-04 01:02:47	Multiple Updates
2023-07-14 12:08:58	Multiple Updates
2023-07-14 01:02:44	Multiple Updates
2023-03-29 01:10:12	Multiple Updates
2023-03-28 12:02:50	Multiple Updates
2022-10-11 12:07:57	Multiple Updates
2022-10-11 01:02:33	Multiple Updates
2021-05-04 12:08:26	Multiple Updates
2021-04-22 01:08:47	Multiple Updates
2020-05-23 00:22:39	Multiple Updates
2018-10-12 00:20:30	Multiple Updates
2018-10-04 00:19:33	Multiple Updates
2017-09-29 09:23:50	Multiple Updates
2017-08-08 09:24:32	Multiple Updates
2016-06-28 17:21:39	Multiple Updates
2016-04-26 18:04:39	Multiple Updates
2014-02-17 10:47:26	Multiple Updates
2013-05-11 00:31:34	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	8
CPE ID(s)	6
Sources(s)	30
osvdb(s)	1
Openvas Exploit(s)	15
Nessus® Exploit(s)	19

	Related
10	USN-714-1
10	RHSA-2009:0053
10	DSA-1681
7.8	VMSA-2010-0010
7.8	RHSA-2009:1550
7.8	RHSA-2009:0014
7.8	DSA-1687
7.2	USN-715-1
6.9	RHSA-2009:0021
4.9	MDVSA-2009:032
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)

4.9 - CVE-2008-5300

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU