CVE-2008-1669

MEDIUM

Description

Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."

ID	Name	Product	Family	Severity
67685	Oracle Linux 4 : kernel (ELSA-2008-0237)	Nessus	Oracle Linux Local Security Checks	high
67683	Oracle Linux 5 : kernel (ELSA-2008-0233)	Nessus	Oracle Linux Local Security Checks	high
67678	Oracle Linux 3 : kernel (ELSA-2008-0211)	Nessus	Oracle Linux Local Security Checks	high
60395	Scientific Linux Security Update : kernel on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
60394	Scientific Linux Security Update : kernel on SL4.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
60393	Scientific Linux Security Update : kernel on SL3.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
59129	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5477)	Nessus	SuSE Local Security Checks	critical
59128	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5370)	Nessus	SuSE Local Security Checks	high
43682	CentOS 4 : kernel (CESA-2008:0237)	Nessus	CentOS Local Security Checks	high
43681	CentOS 5 : kernel (CESA-2008:0233)	Nessus	CentOS Local Security Checks	high
41533	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5473)	Nessus	SuSE Local Security Checks	critical
40380	VMSA-2008-0011 : Updated ESX service console packages for Samba and vmnix	Nessus	VMware ESX Local Security Checks	high
37772	Mandriva Linux Security Advisory : kernel (MDVSA-2008:105)	Nessus	Mandriva Local Security Checks	high
37544	Mandriva Linux Security Advisory : kernel (MDVSA-2008:104)	Nessus	Mandriva Local Security Checks	medium
36653	Mandriva Linux Security Advisory : kernel (MDVSA-2008:167)	Nessus	Mandriva Local Security Checks	high
33432	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5375)	Nessus	SuSE Local Security Checks	high
33255	Ubuntu 6.06 LTS / 7.04 / 7.10 : linux-source-2.6.15/20/22 vulnerabilities (USN-618-1)	Nessus	Ubuntu Local Security Checks	high
33253	openSUSE 10 Security Update : kernel (kernel-5339)	Nessus	SuSE Local Security Checks	high
33252	openSUSE 10 Security Update : kernel (kernel-5336)	Nessus	SuSE Local Security Checks	high
33093	Ubuntu 8.04 LTS : linux vulnerabilities (USN-614-1)	Nessus	Ubuntu Local Security Checks	high
32384	Fedora 7 : kernel-2.6.23.17-88.fc7 (2008-4043)	Nessus	Fedora Local Security Checks	medium
32346	Fedora 9 : kernel-2.6.25.3-18.fc9 (2008-3949)	Nessus	Fedora Local Security Checks	high
32335	Fedora 8 : kernel-2.6.24.7-92.fc8 (2008-3873)	Nessus	Fedora Local Security Checks	high
32309	Debian DSA-1575-1 : linux-2.6 - denial of service	Nessus	Debian Local Security Checks	medium
32162	RHEL 4 : kernel (RHSA-2008:0237)	Nessus	Red Hat Local Security Checks	high
32161	RHEL 5 : kernel (RHSA-2008:0233)	Nessus	Red Hat Local Security Checks	high
32160	RHEL 3 : kernel (RHSA-2008:0211)	Nessus	Red Hat Local Security Checks	high
32139	CentOS 3 : kernel (CESA-2008:0211)	Nessus	CentOS Local Security Checks	high
801451	CentOS RHSA-2008-0237 Security Check	Log Correlation Engine	Generic	high
801450	CentOS RHSA-2008-0233 Security Check	Log Correlation Engine	Generic	high
801449	CentOS RHSA-2008-0211 Security Check	Log Correlation Engine	Generic	high

CVE-2008-1669

Description

References

Details

Risk Information

CVSS v2.0