CVE-2008-1615

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.

References

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html

http://secunia.com/advisories/30112

http://secunia.com/advisories/30252

http://secunia.com/advisories/30294

http://secunia.com/advisories/30368

http://secunia.com/advisories/30818

http://secunia.com/advisories/30890

http://secunia.com/advisories/30962

http://secunia.com/advisories/30982

http://secunia.com/advisories/31107

http://secunia.com/advisories/31628

http://www.debian.org/security/2008/dsa-1588

http://www.mandriva.com/security/advisories?name=MDVSA-2008:167

http://www.mandriva.com/security/advisories?name=MDVSA-2008:174

http://www.redhat.com/support/errata/RHSA-2008-0237.html

http://www.redhat.com/support/errata/RHSA-2008-0275.html

http://www.redhat.com/support/errata/RHSA-2008-0585.html

http://www.securityfocus.com/bid/29086

http://www.securitytracker.com/id?1020047

http://www.ubuntu.com/usn/usn-625-1

https://bugzilla.redhat.com/show_bug.cgi?id=431430

https://exchange.xforce.ibmcloud.com/vulnerabilities/42278

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9563

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00357.html

Details

Source: MITRE

Published: 2008-05-08

Updated: 2017-09-29

Type: CWE-399

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
79447OracleVM 2.1 : kernel (OVMSA-2008-2005)NessusOracleVM Local Security Checks
high
67691Oracle Linux 5 : kernel (ELSA-2008-0275)NessusOracle Linux Local Security Checks
high
67685Oracle Linux 4 : kernel (ELSA-2008-0237)NessusOracle Linux Local Security Checks
high
60394Scientific Linux Security Update : kernel on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
high
59129SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5477)NessusSuSE Local Security Checks
critical
59128SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5370)NessusSuSE Local Security Checks
high
43685CentOS 5 : kernel (CESA-2008:0275)NessusCentOS Local Security Checks
high
43682CentOS 4 : kernel (CESA-2008:0237)NessusCentOS Local Security Checks
high
41533SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5473)NessusSuSE Local Security Checks
critical
36653Mandriva Linux Security Advisory : kernel (MDVSA-2008:167)NessusMandriva Local Security Checks
high
33531Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-625-1)NessusUbuntu Local Security Checks
critical
33432SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5375)NessusSuSE Local Security Checks
high
33253openSUSE 10 Security Update : kernel (kernel-5339)NessusSuSE Local Security Checks
high
33252openSUSE 10 Security Update : kernel (kernel-5336)NessusSuSE Local Security Checks
high
32448Debian DSA-1588-1 : linux-2.6 - denial of serviceNessusDebian Local Security Checks
high
32391RHEL 5 : kernel (RHSA-2008:0275)NessusRed Hat Local Security Checks
high
32384Fedora 7 : kernel-2.6.23.17-88.fc7 (2008-4043)NessusFedora Local Security Checks
medium
32162RHEL 4 : kernel (RHSA-2008:0237)NessusRed Hat Local Security Checks
high
801451CentOS RHSA-2008-0237 Security CheckLog Correlation EngineGeneric
high