PT-2008-6865 · Linux · Linux

Published

1970-01-01

Updated

2018-10-11

CVE-2008-4113

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-s390-tape version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-ia64 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-parisc-smp version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-itanium version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-r5k-cobalt version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-parisc64 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-iop32x version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-amd64 version 2.6.24-etchnhalf.1 linux-manual-2.6.24 version 2.6.24 linux-support-2.6.24-etchnhalf.1 version 2.6.24-etchnhalf.1 linux-source-2.6.24 version 2.6.24 linux-image-2.6.24-etchnhalf.1-alpha-legacy version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-powerpc-miboot version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-powerpc64 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-alpha-smp version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-sparc64 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-amd64 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-686 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-powerpc version 2.6.24-etchnhalf.1 linux-doc-2.6.24 version 2.6.24 kernel-rt version not specified linux-image-2.6.24-etchnhalf.1-sparc64-smp version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-alpha-generic version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-parisc64-smp version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-arm version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-footbridge version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-i386 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-sparc version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-footbridge version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-powerpc-miboot version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-alpha-legacy version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-686-bigmem version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-parisc64 version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-s390 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-powerpc64 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-parisc-smp version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-mckinley version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-sparc64-smp version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-486 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a version 2.6.24-etchnhalf.1 linux-patch-debian-2.6.24 version 2.6.24 linux-tree-2.6.24 version 2.6.24 linux-headers-2.6.24-etchnhalf.1-sparc64 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-r5k-cobalt version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-parisc version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-powerpc-smp version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-alpha version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-486 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-hppa version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-686 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-powerpc version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-powerpc version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-ixp4xx version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-iop32x version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-4kc-malta version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-686-bigmem version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-common version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-s390x version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-mipsel version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-alpha-smp version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-5kc-malta version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-s390 version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all-s390 version 2.6.24-etchnhalf.1 kernel-rt debug version not specified linux-headers-2.6.24-etchnhalf.1-ixp4xx version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-itanium version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-mckinley version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-alpha-generic version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-all version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-parisc version 2.6.24-etchnhalf.1 linux-image-2.6.24-etchnhalf.1-5kc-malta version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-parisc64-smp version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-s390x version 2.6.24-etchnhalf.1 linux-headers-2.6.24-etchnhalf.1-4kc-malta version 2.6.24-etchnhalf.1

Description The issue is related to multiple vulnerabilities in the Linux kernel, specifically in the sctp getsockopt hmac ident function, which can be exploited to obtain sensitive information. The vulnerabilities can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of these vulnerabilities can be done remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-264CWE-200

Related Identifiers

BDU:2015-00809

BDU:2015-00810

BDU:2015-00811

BDU:2015-00812

BDU:2015-00813

BDU:2015-00814

BDU:2015-00815

BDU:2015-00816

BDU:2015-00817

BDU:2015-00818

BDU:2015-00819

BDU:2015-00820

BDU:2015-00821

BDU:2015-00822

BDU:2015-00823

BDU:2015-00824

BDU:2015-00825

BDU:2015-00826

BDU:2015-00827

BDU:2015-00828

BDU:2015-00829

BDU:2015-00830

BDU:2015-00831

BDU:2015-00832

BDU:2015-00833

BDU:2015-00834

BDU:2015-00835

BDU:2015-00836

BDU:2015-00837

BDU:2015-00838

BDU:2015-00839

BDU:2015-00840

BDU:2015-00841

BDU:2015-00842

BDU:2015-00843

BDU:2015-00844

BDU:2015-00845

BDU:2015-00846

BDU:2015-00847

BDU:2015-00848

BDU:2015-00849

BDU:2015-00850

BDU:2015-00851

BDU:2015-00852

BDU:2015-00853

BDU:2015-00854

BDU:2015-00855

BDU:2015-00856

BDU:2015-00857

BDU:2015-00858

BDU:2015-00859

BDU:2015-00860

BDU:2015-00861

BDU:2015-00862

BDU:2015-00863

BDU:2015-00864

BDU:2015-00865

BDU:2015-00866

BDU:2015-00867

BDU:2015-00868

BDU:2015-00869

BDU:2015-00870

BDU:2015-00871

BDU:2015-00872

BDU:2015-00873

BDU:2015-00874

BDU:2015-00875

BDU:2015-00876

BDU:2015-00877

BDU:2015-00878

BDU:2015-00879

BDU:2015-00880

BDU:2015-00881

BDU:2015-00882

BDU:2015-00883

BDU:2015-00884

BDU:2015-00885

BDU:2015-05034

BDU:2015-05035

CVE-2008-4113

DSA-1655-1

RHSA-2008:0857

Affected Products

Linux

PT-2008-6865 · Linux · Linux

CVE-2008-4113

Weakness Enumeration

Related Identifiers

Affected Products

References · 104