CVE-2008-5033

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.25.x through 2.6.25.18 Linux kernel versions 2.6.26.x through 2.6.26.6 Linux kernel versions 2.6.27.x through 2.6.27.2 SUSE Linux Enterprise (affected versions not specified) openSUSE (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the Linux kernel, which can lead to a denial of service (NULL function pointer dereference and OOPS) via unknown vectors. The chip command function in drivers/media/video/tvaudio.c is specifically mentioned as vulnerable. These vulnerabilities can be exploited remotely.

Recommendations For Linux kernel versions 2.6.25.x, update to version 2.6.25.19 or later. For Linux kernel versions 2.6.26.x, update to version 2.6.26.7 or later. For Linux kernel versions 2.6.27.x, update to version 2.6.27.3 or later. For SUSE Linux Enterprise and openSUSE, update to the latest available version or apply the recommended patches. As a temporary workaround, consider disabling the chip command function in drivers/media/video/tvaudio.c until a patch is available.