{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-09T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2"}, {"name": "27801", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27801"}, {"name": "MDVSA-2008:043", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043"}, {"name": "oval:org.mitre.oval:def:11358", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358"}, {"name": "28858", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28858"}, {"name": "DSA-1494", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1494"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432517"}, {"name": "USN-577-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-577-1"}, {"name": "SUSE-SA:2008:007", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"}, {"name": "28875", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28875"}, {"name": "28933", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28933"}, {"name": "FEDORA-2008-1629", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html"}, {"name": "ADV-2008-0487", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0487/references"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2"}, {"name": "SUSE-SA:2008:013", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html"}, {"name": "28889", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28889"}, {"name": "28937", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28937"}, {"name": "FEDORA-2008-1433", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html"}, {"name": "FEDORA-2008-1422", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"}, {"name": "5092", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/5092"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052"}, {"name": "MDVSA-2008:044", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044"}, {"name": "29245", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29245"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2"}, {"name": "28896", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28896"}, {"name": "28925", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28925"}, {"name": "28835", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28835"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2237"}, {"name": "FEDORA-2008-1423", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"}, {"name": "20080212 rPSA-2008-0052-1 kernel", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/488009/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0052"}, {"name": "28912", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28912"}, {"name": "SUSE-SA:2008:030", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"name": "RHSA-2008:0129", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0129.html"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2"}, {"name": "1019393", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1019393"}, {"name": "30818", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30818"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432229"}, {"name": "27704", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27704"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:54:21.972Z"}, "title": "CVE Program Container", "references": [{"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2"}, {"name": "27801", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27801"}, {"name": "MDVSA-2008:043", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043"}, {"name": "oval:org.mitre.oval:def:11358", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358"}, {"name": "28858", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28858"}, {"name": "DSA-1494", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1494"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432517"}, {"name": "USN-577-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-577-1"}, {"name": "SUSE-SA:2008:007", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"}, {"name": "28875", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28875"}, {"name": "28933", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28933"}, {"name": "FEDORA-2008-1629", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html"}, {"name": "ADV-2008-0487", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0487/references"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2"}, {"name": "SUSE-SA:2008:013", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html"}, {"name": "28889", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28889"}, {"name": "28937", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28937"}, {"name": "FEDORA-2008-1433", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html"}, {"name": "FEDORA-2008-1422", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"}, {"name": "5092", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/5092"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052"}, {"name": "MDVSA-2008:044", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044"}, {"name": "29245", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29245"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2"}, {"name": "28896", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28896"}, {"name": "28925", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28925"}, {"name": "28835", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28835"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2237"}, {"name": "FEDORA-2008-1423", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"}, {"name": "20080212 rPSA-2008-0052-1 kernel", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/488009/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0052"}, {"name": "28912", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28912"}, {"name": "SUSE-SA:2008:030", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"name": "RHSA-2008:0129", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0129.html"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2"}, {"name": "1019393", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1019393"}, {"name": "30818", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30818"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432229"}, {"name": "27704", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27704"}, {"name": "[linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-0600", "datePublished": "2008-02-12T20:00:00.000Z", "dateReserved": "2008-02-05T00:00:00.000Z", "dateUpdated": "2024-08-07T07:54:21.972Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*", "matchCriteriaId": "980A6C7D-6175-4A44-8377-74AA7A9FD108", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*", "matchCriteriaId": "5C226902-04D9-4F32-866C-20225841ECF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*", "matchCriteriaId": "C6EDD210-6E7B-4BD8-96C2-2C22FEE7DE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*", "matchCriteriaId": "655DB612-AF49-4C17-AFB9-2E33EE8E0572", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*", "matchCriteriaId": "7EE30F34-EE81-4E1E-BF9F-A7A36B78B897", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*", "matchCriteriaId": "E1F65DF2-2794-47B7-9676-CCF150683CC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "matchCriteriaId": "6555D45B-D3B3-4455-AB1E-E513F9FB6139", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "matchCriteriaId": "4FA5E262-7825-496F-AA72-0AD6DE6F3C78", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "matchCriteriaId": "56C6C01B-4CED-4F37-A415-0603496C27DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "matchCriteriaId": "9E62F6FA-6C96-4AEE-8547-8C2FE1FAD998", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "matchCriteriaId": "FE3ACE7A-A600-4ABB-B988-5D59D626DC0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "matchCriteriaId": "2F839622-3DE1-4A16-8BD2-5FA2CBF014D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "matchCriteriaId": "DC47887B-5608-47BE-85EE-563864461915", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "matchCriteriaId": "AF39E62B-EAB4-44B0-A421-2A71B7DD8341", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "matchCriteriaId": "809264F1-763D-4A8F-B206-222332DD8732", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "matchCriteriaId": "A66ED53E-3139-4972-B027-D614BFFB8628", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "matchCriteriaId": "85A3AB7A-1959-4A57-B83D-B2753C43649E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "matchCriteriaId": "B8FB7FA3-727D-4BB9-937C-F4F5DA97FFCA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "matchCriteriaId": "4A60B265-5508-4EE0-980A-44BB0966FD7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "matchCriteriaId": "1817C772-D367-4ABE-B835-466D31A6DC89", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "matchCriteriaId": "C667B8E4-64EB-4A05-84FF-B2243DEF757D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*", "matchCriteriaId": "9484B41A-DFB6-4481-80D8-440C711CEA53", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*", "matchCriteriaId": "53D373AF-DE6B-428E-9F0F-F1D220900A4D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "matchCriteriaId": "F2975DF7-F916-456C-BF7C-2694559E5282", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*", "matchCriteriaId": "6D156EFF-D2E5-4F42-B6E7-954DE6CD90B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*", "matchCriteriaId": "784EB96E-2FD3-4F77-8DB6-4D6C7A928946", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "D08CBC56-C820-4513-ABEC-1ABB3EFC3A15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "matchCriteriaId": "338BB401-8831-4094-9186-2B3CFA5903D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "matchCriteriaId": "1E32E6BA-AFEF-44A8-B230-87DD043BB222", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*", "matchCriteriaId": "F69E575B-BD1A-4E50-8D6F-131D5E08058E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*", "matchCriteriaId": "20F6269B-5F6B-4413-B14D-7AE5442E4CCD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*", "matchCriteriaId": "189D1246-F975-4411-A58B-343ED90485FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*", "matchCriteriaId": "1B914F7F-C6BD-4527-B1E9-7FD1E337A18C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.8:*:*:*:*:*:*:*", "matchCriteriaId": "82EC9FCA-D17D-4CB9-B925-E8F8B68F8FCE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "4ED4E9DD-DDAD-46A8-9AD2-9CAE406F7575", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "8D97ED16-D6B7-4445-889C-4D6DE2EDC49A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "B2C2D5D4-9A4B-4CDF-8D71-D22EB5E97D5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "DFFB2843-A867-48EC-97D7-B106C7BBAED0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*", "matchCriteriaId": "6554469E-F6AE-4EB0-880E-CBFD196FEE31", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*", "matchCriteriaId": "2F99CFC1-DCCE-47B9-98EF-84AEDAECE02E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*", "matchCriteriaId": "C20367B0-F722-4442-8B59-ABB0FEDB8CC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*", "matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "FB1E1A8B-6FA1-45AD-B034-EC34884527DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D3A5FD5-4C42-4B00-8473-D5650FAED9C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*", "matchCriteriaId": "480F035A-A59D-4113-A246-DF108BB2F591", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*", "matchCriteriaId": "30D39E29-B2A0-4075-84AF-994C27AB0A68", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*", "matchCriteriaId": "19879317-B067-45DA-B497-21EBDDDC2521", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.6:*:*:*:*:*:*:*", "matchCriteriaId": "D220C745-28AD-4D04-B2D2-A090D229206E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.7:*:*:*:*:*:*:*", "matchCriteriaId": "8BC5B3A6-6CD5-448D-B910-3BAD15FDC3A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*", "matchCriteriaId": "E4AF8895-7BF8-458E-B2BB-68699AABC023", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*", "matchCriteriaId": "CA768A9D-6C63-405E-9D14-5D68F8E93A91", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.10:*:*:*:*:*:*:*", "matchCriteriaId": "FF495E58-DA6C-402D-B381-4929CB8A502B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*", "matchCriteriaId": "AA794BE8-1A22-4BF8-AB79-53E7BCE60D9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.12:*:*:*:*:*:*:*", "matchCriteriaId": "A591301C-C30F-44AC-90F0-709A18AA96E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*", "matchCriteriaId": "F7D2606B-00A6-4FA3-A00D-B1E8A80B947C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.14:*:*:*:*:*:*:*", "matchCriteriaId": "610A93BB-70E3-4BF1-83E8-8A7388477F44", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*", "matchCriteriaId": "821BD11F-3C6A-4424-BC9B-DFD786248B07", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git1:*:*:*:*:*:*", "matchCriteriaId": "C8CBD2D9-3765-40B2-A056-D71BE750CC01", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git2:*:*:*:*:*:*", "matchCriteriaId": "A8F4D967-ED04-42EA-8B3E-36301D39D651", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git3:*:*:*:*:*:*", "matchCriteriaId": "C498EE89-7F07-4B1E-90E6-5897E6B04670", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git4:*:*:*:*:*:*", "matchCriteriaId": "708656AF-92AE-4EAF-AF19-F457DB04ADB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git5:*:*:*:*:*:*", "matchCriteriaId": "3B263AB8-74A4-4C73-915C-A02724C24B45", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git6:*:*:*:*:*:*", "matchCriteriaId": "A96D739B-9E8B-4D2F-9DED-4C9B313473CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git7:*:*:*:*:*:*", "matchCriteriaId": "4ACDEFEE-B946-4232-8BD5-A9F7AA84ED85", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*", "matchCriteriaId": "247E13CB-9B11-4B64-80AD-C0F8482CCC0E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*", "matchCriteriaId": "903FE5D3-A9FB-466D-833B-448233BB0803", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*", "matchCriteriaId": "958EDC43-0848-4D93-9D07-6A085A5940B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*", "matchCriteriaId": "AD35F21D-0A28-4C14-BCF5-8EDA760701C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*", "matchCriteriaId": "3AAD8BE9-A05B-40E8-80DF-0B2878968BD6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "matchCriteriaId": "AD3F0CEC-B8FA-47E3-BA3E-182F43D3DA86", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*", "matchCriteriaId": "D123AAFE-3F17-45C4-9382-BA392FD022C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*", "matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*", "matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*", "matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*", "matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*", "matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*", "matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*", "matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "0E249774-CE05-43D5-A5A3-7CCE24BB2AD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*", "matchCriteriaId": "8D42BA44-C69B-4170-9867-CABF93CA9BD6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "5140380C-71BD-464F-AE53-1814C2653056", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*", "matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*", "matchCriteriaId": "22FB141B-FA2A-435D-8937-83FC0669CB20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*", "matchCriteriaId": "C59131C8-F66A-4380-9F6E-3FC14C7C8562", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*", "matchCriteriaId": "A5421616-4BF5-4269-8996-C3D2BA6AE2A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*", "matchCriteriaId": "23FC6CE2-8717-4558-A309-A441D322F00E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*", "matchCriteriaId": "311BE336-7BB2-47C0-AED5-3DEA706C206F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*", "matchCriteriaId": "5AAC2E9D-0E82-4866-9046-ADD448418198", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*", "matchCriteriaId": "67F2047A-5F17-4B59-9075-41A5DC5C1CD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*", "matchCriteriaId": "13673DF5-09B1-40C8-AC54-A447DE8AB01E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*", "matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*", "matchCriteriaId": "FF6588E7-F4FA-40F5-8945-FC7B6094376E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "52152F5A-1833-4490-A373-9C547B90B0F8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010."}, {"lang": "es", "value": "La funci\u00f3n vmsplice_to_pipe en el Kernel linux de la versi\u00f3n 2.6.17 a la 2.6.24.1 no valida ciertos espacios de memoria antes de referenciarlos, lo que permite a usuarios locales obtener privilegios de root/administrador a trav\u00e9s de argumentos manipulados en una llamada al sistema del tipo vmsplice. Esta es una vulnerabilidad distinta de CVE-2008-0009 y CVE-2008-0010."}], "id": "CVE-2008-0600", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-02-12T21:00:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28835"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28858"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28875"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28889"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28896"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28912"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28925"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28933"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28937"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/29245"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30818"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1019393"}, {"source": "secalert@redhat.com", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0052"}, {"source": "secalert@redhat.com", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1494"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0129.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/488009/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/27704"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/27801"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-577-1"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/0487/references"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432229"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432517"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2237"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358"}, {"source": "secalert@redhat.com", "url": "https://www.exploit-db.com/exploits/5092"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120263652322197&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120264520431307&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120264773202422&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120266328220808&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://marc.info/?l=linux-kernel&m=120266353621139&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28835"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28875"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28889"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28896"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28912"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28925"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28933"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29245"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30818"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019393"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0052"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1494"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:043"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0129.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488009/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27704"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-577-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0487/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432517"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2237"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5092"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4. Updated kernel packages are available to correct this issue for Red Hat Enterprise Linux 5:\nhttps://rhn.redhat.com/errata/RHSA-2008-0129.html", "lastModified": "2008-02-13T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2008:0129", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-53.1.13.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2008-02-12T00:00:00Z"}], "bugzilla": {"description": "kernel vmsplice_to_pipe flaw", "id": "432251", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432251"}, "csaw": false, "cvss": {"cvss_base_score": "7.2", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "status": "verified"}, "cwe": "CWE-119", "details": ["The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010."], "name": "CVE-2008-0600", "public_date": "2008-02-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-0600\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-0600"], "statement": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4.", "threat_severity": "Important"}

{}