PT-2008-5563 · Linux+1 · Linux Kernel+1
Published
2008-09-29
·
Updated
2024-02-15
·
CVE-2008-4302
CVSS v2.0
4.9
Medium
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 2.6.22.2
Description:
The issue is related to the splice subsystem in the Linux kernel, where a failure in the
add to page cache lru function is not properly handled, leading to an attempt to unlock a page that was not locked. This can cause a denial of service, resulting in a kernel BUG and system crash. The fio I/O tool can be used to demonstrate this issue.Recommendations:
For Linux kernel versions prior to 2.6.22.2, update to version 2.6.22.2 or later to resolve the issue.
Exploit
Fix
DoS
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel
Red Hat