PT-2008-6428 · Linux+1 · Linux Kernel+1
Dann Frazier · Published 2008-12-01 · Updated 2018-10-11 · CVE-2008-5300
CVSS v2.0: 4.9 (Medium)
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel version 2.6.28
Description
The issue allows local users to cause a denial of service, resulting in a "soft lockup" and process loss. This occurs when a large number of sendmsg function calls are made: the calls do not block during AF_UNIX garbage collection, which triggers an OOM condition.
Recommendations
For Linux kernel version 2.6.28, as a temporary workaround, consider restricting the use of the sendmsg function to minimize the risk of exploitation. Additionally, monitor system resources to prevent OOM conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Affected Products
Linux Kernel
Red Hat