PT-2008-6428 · Linux+1 · Linux Kernel+1

Dann Frazier

Publicado

2008-12-01

Atualizado

2018-10-11

CVE-2008-5300

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.28

Description The issue allows local users to cause a denial of service, resulting in a "soft lockup" and process loss. This occurs when a large number of sendmsg function calls are made, which does not block during AF UNIX garbage collection and triggers an OOM condition.

Recommendations For Linux kernel version 2.6.28, as a temporary workaround, consider restricting the use of the sendmsg function to minimize the risk of exploitation. Additionally, monitor system resources to prevent OOM conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2008-5300

DSA-1681-1

DSA-1687-1

RHSA-2009:0014

RHSA-2009:0021

RHSA-2009:0053

RHSA-2009:0225

RHSA-2009:1550

RHSA-2009_0014

RHSA-2009_0225

Produtos afetados

Linux Kernel

Red Hat

PT-2008-6428 · Linux+1 · Linux Kernel+1

CVE-2008-5300

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 193