Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5700

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2008-5700
Last Modified 19 Mar 2012 12:00:00
Published 22 Dec 2008 10:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5700

Summary

libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.

Vulnerable Systems

Operating System

  • Linux Kernel 2.2.27

  • Linux Kernel 2.4.36

  • Linux Kernel 2.4.36.1

  • Linux Kernel 2.4.36.2

  • Linux Kernel 2.4.36.3

  • Linux Kernel 2.4.36.4

  • Linux Kernel 2.4.36.5

  • Linux Kernel 2.4.36.6

  • Linux Kernel 2.6

  • Linux Kernel 2.6.18

  • Linux Kernel 2.6.19.4

  • Linux Kernel 2.6.19.5

  • Linux Kernel 2.6.19.6

  • Linux Kernel 2.6.19.7

  • Linux Kernel 2.6.20.16

  • Linux Kernel 2.6.20.17

  • Linux Kernel 2.6.20.18

  • Linux Kernel 2.6.20.19

  • Linux Kernel 2.6.20.20

  • Linux Kernel 2.6.20.21

  • Linux Kernel 2.6.21.5

  • Linux Kernel 2.6.21.6

  • Linux Kernel 2.6.21.7

  • Linux Kernel 2.6.22

  • Linux Kernel 2.6.22 Rc1

  • Linux Kernel 2.6.22 Rc7

  • Linux Kernel 2.6.22.1

  • Linux Kernel 2.6.22.10

  • Linux Kernel 2.6.22.11

  • Linux Kernel 2.6.22.12

  • Linux Kernel 2.6.22.13

  • Linux Kernel 2.6.22.14

  • Linux Kernel 2.6.22.15

  • Linux Kernel 2.6.22.17

  • Linux Kernel 2.6.22.18

  • Linux Kernel 2.6.22.19

  • Linux Kernel 2.6.22.2

  • Linux Kernel 2.6.22.20

  • Linux Kernel 2.6.22.21

  • Linux Kernel 2.6.22.22

  • Linux Kernel 2.6.22.8

  • Linux Kernel 2.6.22.9

  • Linux Kernel 2.6.23

  • Linux Kernel 2.6.23 Rc1

  • Linux Kernel 2.6.23.10

  • Linux Kernel 2.6.23.11

  • Linux Kernel 2.6.23.12

  • Linux Kernel 2.6.23.13

  • Linux Kernel 2.6.23.15

  • Linux Kernel 2.6.23.16

  • Linux Kernel 2.6.23.17

  • Linux Kernel 2.6.23.8

  • Linux Kernel 2.6.23.9

  • Linux Kernel 2.6.24

  • Linux Kernel 2.6.24 Rc1

  • Linux Kernel 2.6.24 Rc4

  • Linux Kernel 2.6.24 Rc5

  • Linux Kernel 2.6.24.1

  • Linux Kernel 2.6.24.2

  • Linux Kernel 2.6.24.3

  • Linux Kernel 2.6.24.4

  • Linux Kernel 2.6.24.5

  • Linux Kernel 2.6.24.6

  • Linux Kernel 2.6.24.7

  • Linux Kernel 2.6.25

  • Linux Kernel 2.6.25.1

  • Linux Kernel 2.6.25.10

  • Linux Kernel 2.6.25.11

  • Linux Kernel 2.6.25.12

  • Linux Kernel 2.6.25.13

  • Linux Kernel 2.6.25.14

  • Linux Kernel 2.6.25.15

  • Linux Kernel 2.6.25.16

  • Linux Kernel 2.6.25.17

  • Linux Kernel 2.6.25.2

  • Linux Kernel 2.6.25.3

  • Linux Kernel 2.6.25.4

  • Linux Kernel 2.6.25.5

  • Linux Kernel 2.6.25.6

  • Linux Kernel 2.6.25.7

  • Linux Kernel 2.6.25.8

  • Linux Kernel 2.6.25.9

  • Linux Kernel 2.6.26

  • Linux Kernel 2.6.26.1

  • Linux Kernel 2.6.26.2

  • Linux Kernel 2.6.26.3

  • Linux Kernel 2.6.26.4

  • Linux Kernel 2.6.26.5

  • Linux Kernel 2.6.26.6

  • Linux Kernel 2.6.26.7

  • Linux Kernel 2.6.26.8

  • Linux Kernel 2.6.27

  • Linux Kernel 2.6.27.1

  • Linux Kernel 2.6.27.2

  • Linux Kernel 2.6.27.3

  • Linux Kernel 2.6.27.4

  • Linux Kernel 2.6.27.5

  • Linux Kernel 2.6.27.6

  • Linux Kernel 2.6.27.7

  • Linux Kernel 2.6.27.8


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=474495

XF - linux-kernel-libata-dos(47669)

VUPEN - ADV-2009-3316

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

UBUNTU - USN-714-1

UBUNTU - USN-715-1

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

REDHAT - RHSA-2009:0331

REDHAT - RHSA-2009:0326

REDHAT - RHSA-2009:0053

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9

DEBIAN - DSA-1787

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-114.htm

SECUNIA - 37471

SECUNIA - 34981

SECUNIA - 34762

SECUNIA - 34252

SECUNIA - 33854

SECUNIA - 33758

SECUNIA - 33756

SECUNIA - 33706

MLIST - [oss-security] 20081209 CVE request: kernel: enforce a minimum SG_IO timeout

SUSE - SUSE-SA:2009:010

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=f2f1fa78a155524b849edf359e42a3001ea652c0


Last Updated: 27 May 2016 10:58:23