Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2008:224-1 | First vendor Publication | 2008-11-07 |
Vendor | Mandriva | Last vendor Modification | 2008-11-07 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 4.7 | Attack Range | Local |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. (CVE-2008-3528) The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. (CVE-2008-3831) The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. (CVE-2008-4554) Additionaly, a problem with TCP options ordering, which could manifest as connection problems with many websites (bug #43372), was solved, a number of fixes for Intel HDA were added, another number of fixes for issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and others, were also added. Check package changelog for more information. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate Update: The previous update included a patch which introduced a bug that would make the boot process to stop halfway in several machines. That patch has been removed in this new update, to avoid that problem. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:224-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-264 | Permissions, Privileges, and Access Controls |
33 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10852 | |||
Oval ID: | oval:org.mitre.oval:def:10852 | ||
Title: | The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir-i_size and dir-i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. | ||
Description: | The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3528 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11142 | |||
Oval ID: | oval:org.mitre.oval:def:11142 | ||
Title: | The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. | ||
Description: | The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4554 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11542 | |||
Oval ID: | oval:org.mitre.oval:def:11542 | ||
Title: | The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. | ||
Description: | The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3831 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8642 | |||
Oval ID: | oval:org.mitre.oval:def:8642 | ||
Title: | VMware kernel fs/ext2/dir.c fs/ext3/dir.c and possibly fs/ext4/dir.c vulnerability | ||
Description: | The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3528 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0326 centos5 i386 File : nvt/gb_CESA-2009_0326_kernel_centos5_i386.nasl |
2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel6.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5039274.nasl |
2009-06-30 | Name : Fedora Core 9 FEDORA-2009-6846 (kernel) File : nvt/fcore_2009_6846.nasl |
2009-06-09 | Name : SuSE Security Advisory SUSE-SA:2009:030 (kernel) File : nvt/suse_sa_2009_030.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-5383 (kernel) File : nvt/fcore_2009_5383.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:224-1 (kernel) File : nvt/gb_mandriva_MDVSA_2008_224_1.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:224 (kernel) File : nvt/gb_mandriva_MDVSA_2008_224.nasl |
2009-04-06 | Name : RedHat Security Advisory RHSA-2009:0326 File : nvt/RHSA_2009_0326.nasl |
2009-04-06 | Name : CentOS Security Advisory CESA-2009:0326 (kernel) File : nvt/ovcesa2009_0326.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1 File : nvt/gb_ubuntu_USN_679_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux vulnerability USN-662-1 File : nvt/gb_ubuntu_USN_662_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0972-01 File : nvt/gb_RHSA-2008_0972-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:1017-01 File : nvt/gb_RHSA-2008_1017-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 i386 File : nvt/gb_CESA-2008_0972_kernel_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 x86_64 File : nvt/gb_CESA-2008_0972_kernel_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-8929 File : nvt/gb_fedora_2008_8929_kernel_fc9.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-8980 File : nvt/gb_fedora_2008_8980_kernel_fc8.nasl |
2009-02-13 | Name : Fedora Update for kernel FEDORA-2008-11618 File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl |
2009-02-02 | Name : Fedora Core 9 FEDORA-2009-0816 (kernel) File : nvt/fcore_2009_0816.nasl |
2009-01-26 | Name : RedHat Security Advisory RHSA-2009:0009 File : nvt/RHSA_2009_0009.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:056 File : nvt/gb_suse_2008_056.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:053 File : nvt/gb_suse_2008_053.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:052 File : nvt/gb_suse_2008_052.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:051 File : nvt/gb_suse_2008_051.nasl |
2009-01-20 | Name : SuSE Security Advisory SUSE-SA:2009:003 (kernel-debug) File : nvt/suse_sa_2009_003.nasl |
2008-12-23 | Name : Debian Security Advisory DSA 1687-1 (linux-2.6) File : nvt/deb_1687_1.nasl |
2008-12-10 | Name : Debian Security Advisory DSA 1681-1 (linux-2.6.24) File : nvt/deb_1681_1.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1655-1 (linux-2.6.24) File : nvt/deb_1655_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50049 | Linux Kernel fs/splice.c do_splice_from Function O_APPEND File Descriptor Rej... |
49183 | Linux Kernel DRM_I915_HWS_ADDR Crafted IOCTL Request Local Privilege Escalation |
49088 | Linux Kernel fs/ext*/dir.c Error Reporting Functionality Corrupted Filesystem... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0004.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0326.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-1017.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090401_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081119_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5735.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5667.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-1017.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0326.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5668.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-081022.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-090114.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-6274.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-224.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-679-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-662-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-659-1.nasl - Type : ACT_GATHER_INFO |
2009-04-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0326.nasl - Type : ACT_GATHER_INFO |
2008-12-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1017.nasl - Type : ACT_GATHER_INFO |
2008-12-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1687.nasl - Type : ACT_GATHER_INFO |
2008-12-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1681.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5734.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5751.nasl - Type : ACT_GATHER_INFO |
2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8929.nasl - Type : ACT_GATHER_INFO |
2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8980.nasl - Type : ACT_GATHER_INFO |
2008-10-21 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5700.nasl - Type : ACT_GATHER_INFO |
2008-10-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1655.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:39:46 |
|