Russian Vulnerability Scanner Database

Back to List

CVE-2008-3275

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

CVSS

5.5medium3.x
0246810

CVSS Score: 5.5/10

All CVSS Scores

CVSS 3.x
5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0
4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Description

The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service (“overflow” of the UBIFS orphan area) via a series of attempted file creations within deleted directories.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdubuntu

CWEs

CWE-120

Related Vulnerabilities

BDU:2015-02636BDU:2015-02637BDU:2015-02638BDU:2015-02639BDU:2015-02640BDU:2015-05014BDU:2015-05015BDU:2015-05016BDU:2015-05017BDU:2015-06237BDU:2015-06238BDU:2015-06242BDU:2015-06244BDU:2015-06253BDU:2015-06254BDU:2015-06257BDU:2015-06259BDU:2015-06268BDU:2015-06269BDU:2015-06272BDU:2015-06273BDU:2015-06274

Vulnerable Software (8)

Type: Configuration

Product: linux

Operating System: ubuntu hardy 8.04

Trait: 
{  "fixed": "2.6.24-19.41"}

Source: ubuntu

Type: Configuration

Product: linux-2.6

Operating System: debian

Trait: 
{  "fixed": "2.6.26-2"}

Source: debian

Type: Configuration

Product: linux-2.6.24

Operating System: debian

Trait: 
{  "fixed": "2.6.24-6~etchnhalf.5"}

Source: debian

Type: Configuration

Vendor: canonical

Product: ubuntu_linux

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*...

Source: nvd

Type: Configuration

Vendor: debian

Product: debian_linux

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: linux

Product: linux_kernel

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",      "versionEndExcluding": "2.6.25.15",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: suse

Product: suse_linux_enterprise_desktop

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:suse_linux_enterpr...

Source: nvd

Type: Configuration

Vendor: suse

Product: suse_linux_enterprise_server

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:suse_linux_enterpr...

Source: nvd