CVE-2008-5701
Advisory lineage Upstream: 0 Downstream: 2
Downstream
Modified
Published: 22 Dec 2008, 15:00
Last modified:07 Aug 2024, 11:04
Vulnerability Summary
Overall Risk (default)
low
19/100 CVSS Score
4.7 MEDIUM
v2.0 (nvd)
EPSS Score
0.06% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
22 Dec 2008, 15:00
Published
Vulnerability first disclosed
07 Aug 2024, 11:04
Last Modified
Vulnerability information updated
Description
Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attempted read operation outside the bounds of the syscall table.
CVSS Metrics
- v2.0•MEDIUM•Score: 4.7AV:L/AC:M/Au:N/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.06%• Percentile: 19%
Techniques & Countermeasures
- CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Affected Systems
- debian•debian_linux
4.0
- linux•linux_kernel
≤ 2.6.28 | 2.6.28:rc1 | 2.6.28:rc2 | 2.6.28:rc3 | 2.6.28:rc4 | 2.6.28:rc5 | 2.6.28:rc6 | 2.6.28:rc7
References (10)
- http://openwall.com/lists/oss-security/2008/12/09/1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47190
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc8
- http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=e807f9574e37a3f202e677feaaad1b7c5d2c0db8
- http://www.debian.org/security/2009/dsa-1794
- http://secunia.com/advisories/33078
- http://secunia.com/advisories/35011
- http://secunia.com/advisories/34981
- http://www.securityfocus.com/bid/32716
- http://www.debian.org/security/2009/dsa-1787