Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5300

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2008-5300
Last Modified 19 Mar 2012 12:00:00
Published 01 Dec 2008 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-5300

Summary

Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.28


References

FEDORA - FEDORA-2008-11618

REDHAT - RHSA-2009:1550

CONFIRM - https://issues.rpath.com/browse/RPL-2915

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=470201

XF - linux-kernel-sendmsg-dos(46943)

UBUNTU - USN-714-1

UBUNTU - USN-715-1

BID - 32516

BUGTRAQ - 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel

BUGTRAQ - 20081209 rPSA-2008-0332-1 kernel

REDHAT - RHSA-2009:0053

REDHAT - RHSA-2009:0014

MANDRIVA - MDVSA-2009:032

DEBIAN - DSA-1681

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0332

SREASON - 4673

SECUNIA - 33854

SECUNIA - 33756

SECUNIA - 33706

SECUNIA - 33556

SECUNIA - 33348

SECUNIA - 33083

SECUNIA - 32998

SECUNIA - 32913

OSVDB - 50272

MLIST - [linux-netdev] 20081125 [PATCH] Fix soft lockups/OOM issues w/ unix garbage collector

MLIST - [linux-netdev] 20081120 soft lockups/OOM after unix socket fixes

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=473259


Last Updated: 27 May 2016 10:49:34