PT-2008-4501 · Linux · Linux Kernel

Marcus Meissner

Published

2008-07-09

Updated

2020-07-31

CVE-2008-3077

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.25.10

Description: The issue is related to a leak of task struct references into the sys32 ptrace function in the Linux kernel on the x86 64 platform. This leak can be exploited by local users to cause a denial of service, potentially leading to a system crash, or may have other unspecified impacts. The leak could be related to a use-after-free vulnerability, although the exact vectors for exploitation are not specified.

Recommendations: For Linux kernel versions prior to 2.6.25.10, update to version 2.6.25.10 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2008-3077

Affected Products

Linux Kernel

PT-2008-4501 · Linux · Linux Kernel

CVE-2008-3077

Weakness Enumeration

Related Identifiers

Affected Products

References · 7