Launchpad.net

CVE 2008-0009

The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.

Related bugs and status

CVE-2008-0009 (Candidate) is related to these bugs:

Bug #90271: Regression: RealTek 8139 hard-locks system on installation/modprobe (affects Averatec, Philips laptops)

		In	Importance	Status
90271	Regression: RealTek 8139 hard-locks system on installation/modprobe (affects Averatec, Philips laptops)	linux-source-2.6.20 (Ubuntu)	High	Won't Fix
90271	Regression: RealTek 8139 hard-locks system on installation/modprobe (affects Averatec, Philips laptops)	linux-source-2.6.22 (Ubuntu)	Medium	Won't Fix
90271	Regression: RealTek 8139 hard-locks system on installation/modprobe (affects Averatec, Philips laptops)	linux (Ubuntu)	Medium	Fix Released

Bug #94186: 3c59x - 10/100 NIC fails to link to gigabit switch

		In	Importance	Status
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux-source-2.6.22 (Ubuntu)	Low	Fix Released
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux (Ubuntu)	Undecided	Fix Released

Bug #106931: Unable to detect ITE8212 RAID0 array

		In	Importance	Status
106931	Unable to detect ITE8212 RAID0 array	linux-source-2.6.20 (Ubuntu)	Medium	Won't Fix
106931	Unable to detect ITE8212 RAID0 array	linux-source-2.6.22 (Ubuntu)	Undecided	Won't Fix
106931	Unable to detect ITE8212 RAID0 array	linux (Ubuntu)	Medium	Fix Released
106931	Unable to detect ITE8212 RAID0 array	Ubuntu	Undecided	Invalid

Bug #125250: Don't recognise USB Pendrive -> sr0: disc change detected.

		In	Importance	Status
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Hardy)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Hardy)	Undecided	Won't Fix
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Intrepid)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Intrepid)	Undecided	Invalid
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Jaunty)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Jaunty)	Undecided	Invalid

Bug #147858: western digital WD800ADFS ncq problems

		In	Importance	Status
147858	western digital WD800ADFS ncq problems	linux-source-2.6.22 (Ubuntu)	Medium	Won't Fix
147858	western digital WD800ADFS ncq problems	linux (Ubuntu)	Low	Fix Released
147858	western digital WD800ADFS ncq problems	Ubuntu	Undecided	Invalid

Bug #159561: Attansic L1 network driver not found on alterative install cd

Summary				In	Importance	Status
	159561	Attansic L1 network driver not found on alterative install cd		linux (Ubuntu)	Low	Fix Released

Bug #182716: bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.

		In	Importance	Status
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Ubuntu)	Medium	Fix Released
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	Ubuntu	Undecided	Invalid
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	Linux	Undecided	Invalid
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Mandriva)	Undecided	New
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux-source-2.6.22 (Ubuntu)	Undecided	Won't Fix
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Baltix)	Undecided	New

Bug #184600: ssb error while loading wifi module b43

Summary				In	Importance	Status
	184600	ssb error while loading wifi module b43		linux (Ubuntu)	Medium	Fix Released
	184600	ssb error while loading wifi module b43		linux (Ubuntu Hardy)	Medium	Fix Released

Bug #189560: please enable IP_ADVANCED_ROUTER and IP_MULTIPLE_TABLES in sparc, hppa

Summary				In	Importance	Status
	189560	please enable IP_ADVANCED_ROUTER and IP_MULTIPLE_TABLES in sparc, hppa		linux (Ubuntu)	Wishlist	Fix Released

Bug #190587: Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)

		In	Importance	Status
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	linux-source-2.6.22 (Ubuntu)	High	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	Gentoo Linux	Undecided	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	Debian	Unknown	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	linux (Ubuntu)	High	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	linux (Fedora)	Critical	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	linux-source-2.6.20 (Ubuntu)	High	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	linux-source-2.6.17 (Ubuntu)	High	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	Mandriva	Critical	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	linux-source-2.6.15 (Ubuntu)	Undecided	Invalid
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	CentOS	Critical	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	Ubuntu	Undecided	Fix Released
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	gplcver (Ubuntu)	Undecided	Invalid
190587	Local root exploit in kernel 2.6.17 - 2.6.24 (vmsplice)	Linux	High	Fix Released

Bug #190591: mmap() local root exploit (via sys_vmsplice)

Summary				In	Importance	Status
	190591	mmap() local root exploit (via sys_vmsplice)		linux-source-2.6.22 (Ubuntu)	Undecided	New
	190591	mmap() local root exploit (via sys_vmsplice)		linux (Debian)	Unknown	Fix Released

Bug #195354: AMD SB700 patches to linux_2.6.24-10.16

Summary				In	Importance	Status
	195354	AMD SB700 patches to linux_2.6.24-10.16		linux (Ubuntu)	Medium	Fix Released

Bug #196745: RedOctane Guitar Hero X-plorer support (xpad)

Summary				In	Importance	Status
	196745	RedOctane Guitar Hero X-plorer support (xpad)		linux (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-0009

Related bugs and status

Related bugs

References