CVE-2008-0600

CVSS V2 High 7.2 CVSS V3 None

Description

The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.

Overview

CVE ID
CVE-2008-0600

Assigner
secalert@redhat.com

Vulnerability Status
Modified

Published Version
2008-02-12T21:00:00

Last Modified Date
2023-02-13T02:18:44

Weakness Enumerations

CWE	URL
CWE-94	http://cwe.mitre.org/data/definitions/94.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
cpe:2.3:o:linux:linux_kernel:2.6.17:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17:rc1::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17:rc2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17:rc3::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17:rc4::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17:rc5::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17:rc6::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.2:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.4:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.5:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.6:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.7:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.8:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.9:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.10:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.11:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.12:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.13:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.17.14:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc1::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc3::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc4::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc5::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc6::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18:rc7::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.2:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.4:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.5:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.6:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.7:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.18.8:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19:rc1::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19:rc2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19:rc3::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19:rc4::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19.2:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.19.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20:rc2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.2:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.4:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.5:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.6:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.7:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.8:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.9:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.10:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.11:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.12:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.13:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.14:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.20.15:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git1::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git3::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git4::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git5::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git6::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:git7::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:rc3::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:rc4::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:rc5::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:rc6::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21:rc7::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21.2:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.21.4:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22:rc6::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.4:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.5:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.6:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.7:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.22.16:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23:rc1::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23:rc2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.1:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.2:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.3:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.4:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.5:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.6:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.7:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.9:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.23.14:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.24:::::::*	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.24:rc2::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.24:rc3::::::	1	OR
cpe:2.3:o:linux:linux_kernel:2.6.24.1:::::::*	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector
LOCAL

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
COMPLETE

Integrity Impact
COMPLETE

Availability Impact
COMPLETE

Base Score
7.2

Severity
HIGH

Exploitability Score
3.9

Impact Score
10

References

Reference URL	Reference Tags
http://marc.info/?l=linux-kernel&m=120264773202422&w=2	Exploit
http://marc.info/?l=linux-kernel&m=120263652322197&w=2	Exploit
http://marc.info/?l=linux-kernel&m=120264520431307&w=2	Exploit
http://marc.info/?l=linux-kernel&m=120266328220808&w=2	Exploit
http://marc.info/?l=linux-kernel&m=120266353621139&w=2	Exploit
http://wiki.rpath.com/Advisories:rPSA-2008-0052
http://www.debian.org/security/2008/dsa-1494
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:043
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
http://www.redhat.com/support/errata/RHSA-2008-0129.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html
http://www.ubuntu.com/usn/usn-577-1
http://www.securityfocus.com/bid/27704
http://secunia.com/advisories/28835
http://secunia.com/advisories/28858
http://secunia.com/advisories/28875
http://secunia.com/advisories/28896
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052
https://bugzilla.redhat.com/show_bug.cgi?id=432229
https://bugzilla.redhat.com/show_bug.cgi?id=432517
https://issues.rpath.com/browse/RPL-2237
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html
http://securitytracker.com/id?1019393
http://secunia.com/advisories/28889
http://secunia.com/advisories/28912
http://secunia.com/advisories/28925
http://secunia.com/advisories/28933
http://secunia.com/advisories/28937
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html
http://www.securityfocus.com/bid/27801
http://secunia.com/advisories/29245
http://secunia.com/advisories/30818
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
http://www.vupen.com/english/advisories/2008/0487/references
https://www.exploit-db.com/exploits/5092
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358
http://www.securityfocus.com/archive/1/488009/100/0/threaded

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2008-0600
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 18:02:33				Added to TrackCVE
2023-02-02 15:01:56		2023-02-02T14:15:13	CVE Modified Date	updated
2023-02-02 15:01:56	The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.	CVE-2008-0600 kernel vmsplice_to_pipe flaw	Description	updated
2023-02-13 03:02:20		2023-02-13T02:18:44	CVE Modified Date	updated
2023-02-13 03:02:21	CVE-2008-0600 kernel vmsplice_to_pipe flaw	The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.	Description	updated