Vulnerability Description
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.0 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html
- http://lists.vmware.com/pipermail/security-announce/2008/000023.html
- http://secunia.com/advisories/30077
- http://secunia.com/advisories/30101
- http://secunia.com/advisories/30108
- http://secunia.com/advisories/30110
- http://secunia.com/advisories/30112
- http://secunia.com/advisories/30116
- http://secunia.com/advisories/30164
- http://secunia.com/advisories/30252
- http://secunia.com/advisories/30260
- http://secunia.com/advisories/30276
FAQ
What is CVE-2008-1669?
CVE-2008-1669 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "...
How severe is CVE-2008-1669?
CVE-2008-1669 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1669?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.