PT-2008-6912 · Linux+1 · Linux-Image+3

Eugene Teo · Published 1970-01-01 · Updated 2017-08-08 · CVE-2008-3915

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

linux-headers versions 2.6.24-etchnhalf.1-r5k-ip32 through 2.6.24-etchnhalf.1-r5k-ip32
linux-headers versions 2.6.24-etchnhalf.1-all-mips through 2.6.24-etchnhalf.1-all-mips
linux-headers versions 2.6.24-etchnhalf.1-r4k-ip22 through 2.6.24-etchnhalf.1-r4k-ip22
linux-image versions 2.6.24-etchnhalf.1-r5k-ip32 through 2.6.24-etchnhalf.1-r5k-ip32
linux-image versions 2.6.24-etchnhalf.1-r4k-ip22 through 2.6.24-etchnhalf.1-r4k-ip22
Linux kernel versions prior to 2.6.26.4

Description

The issue concerns multiple vulnerabilities in the Linux kernel and related packages in the Debian GNU/Linux operating system. These vulnerabilities can be exploited remotely and may lead to a breach of confidentiality, integrity, and availability of protected information. They can be exploited when NFSv4 is enabled, are related to decoding an NFSv4 ACL, and may have an unknown impact.

Recommendations

For linux-headers versions 2.6.24-etchnhalf.1-r5k-ip32, consider updating to a version that includes the necessary security patches.
For linux-headers versions 2.6.24-etchnhalf.1-all-mips, consider updating to a version that includes the necessary security patches.
For linux-headers versions 2.6.24-etchnhalf.1-r4k-ip22, consider updating to a version that includes the necessary security patches.
For linux-image versions 2.6.24-etchnhalf.1-r5k-ip32, consider updating to a version that includes the necessary security patches.
For linux-image versions 2.6.24-etchnhalf.1-r4k-ip22, consider updating to a version that includes the necessary security patches.
For Linux kernel versions prior to 2.6.26.4, consider updating to version 2.6.26.4 or later to address the buffer overflow issue in nfsd when NFSv4 is enabled.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-02636
BDU:2015-02637
BDU:2015-02638
BDU:2015-02639
BDU:2015-02640
CVE-2008-3915
DSA-1636-1
RHSA-2008:0857

Affected Products

Debian
Linux Kernel
Linux-Headers
Linux-Image