Linux · Linux Kernel · CVE-2013-3301
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 3.8.8
Debian GNU/Linux (affected versions not specified)
**Description**
The issue affects the ftrace implementation in the Linux kernel. A local user can cause a denial of service, or possibly have other impacts, by leveraging the `CAP_SYS_ADMIN` capability for write access to the `set_ftrace_pid` or `set_graph_function` file and then making an lseek system call. This could lead to a disruption in confidentiality, integrity, and availability of protected information.
**Recommendations**
For Linux kernel versions prior to 3.8.8, update to version 3.8.8 or later to resolve the issue.
For Debian GNU/Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `set_ftrace_pid` and `set_graph_function` files to minimize the risk of exploitation.
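
The two recommendations above can be checked on a host with the following added example, which is not part of the advisory: it compares the running kernel release with 3.8.8 and lists either ftrace file that group or other users may write to. The debugfs path `/sys/kernel/debug/tracing` and the function names are assumptions, and because distribution kernels can carry backported fixes, the version comparison is indicative only.

```shell
#!/bin/sh
# Added example, not from the advisory. Assumption: debugfs is mounted at
# /sys/kernel/debug, where kernels of this era expose the ftrace control files.
TRACING_DIR="${TRACING_DIR:-/sys/kernel/debug/tracing}"
FIXED_VERSION="3.8.8"   # first fixed upstream release, per the advisory

# Return 0 if dotted version $1 is strictly lower than $2.
version_lt() {
    a="${1%%[!0-9.]*}"   # drop suffixes such as "-4-amd64"
    b="${2%%[!0-9.]*}"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 1
}

# Print each of the two ftrace files in directory $1 that has a group or
# other write bit set. Returns 0 when none is exposed, 1 otherwise.
exposed_ftrace_files() {
    dir="$1"; rc=0
    for f in set_ftrace_pid set_graph_function; do
        [ -e "$dir/$f" ] || continue
        if [ -n "$(find "$dir/$f" \( -perm -020 -o -perm -002 \) 2>/dev/null)" ]; then
            echo "$dir/$f"; rc=1
        fi
    done
    return $rc
}

report() {
    kver="$(uname -r)"
    if version_lt "$kver" "$FIXED_VERSION"; then
        echo "kernel $kver is older than $FIXED_VERSION: update required"
    else
        echo "kernel $kver is not older than $FIXED_VERSION"
    fi
    if files="$(exposed_ftrace_files "$TRACING_DIR")"; then
        echo "no group/other-writable ftrace control files under $TRACING_DIR"
    else
        echo "writable by group or other (tighten with chmod):"; echo "$files"
    fi
    return 0
}
report
```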