PT-2008-4501 · Linux · Linux Kernel
Marcus Meissner
·
Publicado
2008-07-09
·
Atualizado
2020-07-31
·
CVE-2008-3077
CVSS v2.0
4.9
Média
| Vetor | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 2.6.25.10
Description:
The issue is related to a leak of task struct references into the sys32 ptrace function in the Linux kernel on the x86 64 platform. This leak can be exploited by local users to cause a denial of service, potentially leading to a system crash, or may have other unspecified impacts. The leak could be related to a use-after-free vulnerability, although the exact vectors for exploitation are not specified.
Recommendations:
For Linux kernel versions prior to 2.6.25.10, update to version 2.6.25.10 or later to resolve the issue.
Correção
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Linux Kernel