Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2008-0007

Disclosure Date: February 08, 2008
CVE-2008-0007
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • linux

Products

  • linux kernel

References

Canonical
CVE-2008-0007 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007)
BID-27686 (http://www.securityfocus.com/bid/27686)
BID-27705 (http://www.securityfocus.com/bid/27705)
Advisory
SECTRACK-1019357 (http://securitytracker.com/id?1019357)
20080208 rPSA-2008-0048-1 kernel (http://www.securityfocus.com/archive/1/487808/100/0/threaded)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.17
SECUNIA-28806 (http://secunia.com/advisories/28806)
http://www.redhat.com/support/errata/RHSA-2008-0237.html
USN-618-1 (http://www.ubuntu.com/usn/usn-618-1)
SECUNIA-28826 (http://secunia.com/advisories/28826)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9412
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1
DSA-1565 (http://www.debian.org/security/2008/dsa-1565)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:112
DSA-1504 (http://www.debian.org/security/2008/dsa-1504)
SECUNIA-30116 (http://secunia.com/advisories/30116)
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048
http://www.redhat.com/support/errata/RHSA-2008-0233.html
[linux-kernel] 20080206 [patch 60/73] vm audit: add VM_DONTEXPAND to mmap for drivers that need it (CVE-2008-0007) (http://lkml.org/lkml/2008/2/6/457)
SECUNIA-30110 (http://secunia.com/advisories/30110)
ADV-2008-2222 (http://www.vupen.com/english/advisories/2008/2222/references)
SECUNIA-33280 (http://secunia.com/advisories/33280)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
http://www.mandriva.com/security/advisories?name=MDVSA-2008:072
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
ADV-2008-0445 (http://www.vupen.com/english/advisories/2008/0445/references)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
DSA-1503 (http://www.debian.org/security/2008/dsa-1503)
SECUNIA-29058 (http://secunia.com/advisories/29058)
http://www.redhat.com/support/errata/RHSA-2008-0211.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
SECUNIA-30769 (http://secunia.com/advisories/30769)
[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix (http://lists.vmware.com/pipermail/security-announce/2008/000023.html)
SECUNIA-30018 (http://secunia.com/advisories/30018)
SECUNIA-31246 (http://secunia.com/advisories/31246)
SECUNIA-29570 (http://secunia.com/advisories/29570)
SECUNIA-30112 (http://secunia.com/advisories/30112)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis