CVE-2008-5009

CVSS V2 Medium 4 CVSS V3 None

Description

Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file.

Overview

CVE ID
CVE-2008-5009

Assigner
cve@mitre.org

Vulnerability Status
Modified

Published Version
2008-11-10T15:23:19

Last Modified Date
2018-10-30T16:25:15

Weakness Enumerations

CWE	URL
CWE-362	http://cwe.mitre.org/data/definitions/362.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
		AND
cpe:2.3:a:sun:solstice_x.25:9.2:unknown:sparc:::::*	1	OR
cpe:2.3:a:sun:solstice_x.25:9.2:unknown:x86:::::*	1	OR
cpe:2.3:o:sun:sunos:5.8:::::::*	0	OR
cpe:2.3:o:sun:sunos:5.9:::::::*	0	OR
cpe:2.3:o:sun:sunos:5.10:::::::*	0	OR

CVSS Version 2

Version
2.0

Vector String
AV:L/AC:H/Au:N/C:N/I:N/A:C

Access Vector
LOCAL

Access Compatibility
HIGH

Authentication
NONE

Confidentiality Impact
NONE

Integrity Impact
NONE

Availability Impact
COMPLETE

Base Score
4

Severity
MEDIUM

Exploitability Score
1.9

Impact Score
6.9

References

Reference URL	Reference Tags
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243106-1	Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-108670-21-1	Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-21-108669-21-1	Patch
http://securitytracker.com/id?1021156
http://secunia.com/advisories/32667
http://www.securityfocus.com/bid/32215
http://www.vupen.com/english/advisories/2008/3087
https://exchange.xforce.ibmcloud.com/vulnerabilities/46466

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2008-5009
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5009

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 18:02:16				Added to TrackCVE