Vulnerability Description
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 2.6.22.16 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
- http://lists.vmware.com/pipermail/security-announce/2008/000023.html
- http://lkml.org/lkml/2008/2/6/457Exploit
- http://secunia.com/advisories/28806
- http://secunia.com/advisories/28826
- http://secunia.com/advisories/29058
- http://secunia.com/advisories/29570
- http://secunia.com/advisories/30018
- http://secunia.com/advisories/30110
- http://secunia.com/advisories/30112
- http://secunia.com/advisories/30116
- http://secunia.com/advisories/30769
- http://secunia.com/advisories/31246
- http://secunia.com/advisories/33280
FAQ
What is CVE-2008-0007?
CVE-2008-0007 is a vulnerability with a CVSS score of 7.2 (HIGH). Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
How severe is CVE-2008-0007?
CVE-2008-0007 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0007?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.