CVE-2008-1375 — MEDIUM (6.9)

Q: How severe is CVE-2008-1375?

CVE-2008-1375 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-1375?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux, Opensuse Opensuse, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server.

Vulnerability Description

Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.

CVSS Score

6.9

MEDIUM

AV:L/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	>= 2.6.0, < 2.6.24.6
Canonical	Ubuntu Linux	6.06
Opensuse	Opensuse	10.2
Suse	Linux Enterprise Desktop	10
Suse	Linux Enterprise Server	9
Suse	Linux Enterprise Software Development Kit	10
Debian	Debian Linux	4.0
Fedoraproject	Fedora	8

Related Weaknesses (CWE)

CWE-362

References

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.htmlMailing ListThird Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000023.htmlThird Party Advisory
http://marc.info/?l=linux-kernel&m=120967963803205&w=2PatchThird Party Advisory
http://marc.info/?l=linux-kernel&m=120967964303224&w=2PatchThird Party Advisory
http://secunia.com/advisories/30017Third Party Advisory
http://secunia.com/advisories/30018Third Party Advisory
http://secunia.com/advisories/30044Third Party Advisory
http://secunia.com/advisories/30108Third Party Advisory
http://secunia.com/advisories/30110Third Party Advisory
http://secunia.com/advisories/30112Third Party Advisory
http://secunia.com/advisories/30116Third Party Advisory
http://secunia.com/advisories/30260Third Party Advisory
http://secunia.com/advisories/30515Third Party Advisory

FAQ

What is CVE-2008-1375?

CVE-2008-1375 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly ...

How severe is CVE-2008-1375?

CVE-2008-1375 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-1375?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux, Opensuse Opensuse, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server.