Vulnerability Description
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.0 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=linux-kernel&m=120949204519706&w=2Exploit
- http://marc.info/?l=linux-kernel&m=120949204619718&w=2Exploit
- http://marc.info/?l=linux-kernel&m=120949582428998&w=2Exploit
- http://secunia.com/advisories/30017Vendor Advisory
- http://secunia.com/advisories/30044Vendor Advisory
- http://secunia.com/advisories/30260Vendor Advisory
- http://secunia.com/advisories/30515Vendor Advisory
- http://wiki.rpath.com/Advisories:rPSA-2008-0157
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:109
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:167
- http://www.securityfocus.com/archive/1/491566/100/0/threaded
- http://www.securityfocus.com/archive/1/491732/100/0/threaded
- http://www.securityfocus.com/bid/29014
FAQ
What is CVE-2008-1675?
CVE-2008-1675 is a vulnerability with a CVSS score of 7.2 (HIGH). The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and...
How severe is CVE-2008-1675?
CVE-2008-1675 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1675?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.