#VU95206 Resource management errors in Linux kernel - CVE-2008-1675

Cybersecurity Help s.r.o.

Published: 2008-05-02 | Updated: 2018-10-11

Vulnerability identifier: #VU95206

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2008-1675

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code.

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://marc.info/?l=linux-kernel&m=120949204519706&w=2
https://marc.info/?l=linux-kernel&m=120949204619718&w=2
https://marc.info/?l=linux-kernel&m=120949582428998&w=2
https://secunia.com/advisories/30017
https://secunia.com/advisories/30044
https://secunia.com/advisories/30260
https://secunia.com/advisories/30515
https://wiki.rpath.com/Advisories:rPSA-2008-0157
https://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
https://www.mandriva.com/security/advisories?name=MDVSA-2008:109
https://www.mandriva.com/security/advisories?name=MDVSA-2008:167
https://www.securityfocus.com/archive/1/491566/100/0/threaded
https://www.securityfocus.com/archive/1/491732/100/0/threaded
https://www.securityfocus.com/bid/29014
https://www.securitytracker.com/id?1019960
https://www.vupen.com/english/advisories/2008/1406/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42132
https://issues.rpath.com/browse/RPL-2501
https://usn.ubuntu.com/614-1/
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00232.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management errors in Linux kernel