#VU92687 Resource management errors in Linux kernel - CVE-2008-5700

Cybersecurity Help s.r.o.

Published: 2008-12-22 | Updated: 2018-10-11

Vulnerability identifier: #VU92687

Vulnerability risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2008-5700

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform service disruption.

The vulnerability exists due to resource management errors error. A local user can perform service disruption.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=f2f1fa78a155524b849edf359e42a3001ea652c0
https://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html
https://openwall.com/lists/oss-security/2008/12/09/2
https://secunia.com/advisories/33706
https://secunia.com/advisories/33756
https://secunia.com/advisories/33758
https://secunia.com/advisories/33854
https://secunia.com/advisories/34252
https://secunia.com/advisories/34762
https://secunia.com/advisories/34981
https://secunia.com/advisories/37471
https://support.avaya.com/elmodocs2/security/ASA-2009-114.htm
https://www.debian.org/security/2009/dsa-1787
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9
https://www.redhat.com/support/errata/RHSA-2009-0053.html
https://www.redhat.com/support/errata/RHSA-2009-0326.html
https://www.redhat.com/support/errata/RHSA-2009-0331.html
https://www.securityfocus.com/archive/1/507985/100/0/threaded
https://www.ubuntu.com/usn/usn-715-1
https://www.vmware.com/security/advisories/VMSA-2009-0016.html
https://www.vupen.com/english/advisories/2009/3316
https://bugzilla.redhat.com/show_bug.cgi?id=474495
https://exchange.xforce.ibmcloud.com/vulnerabilities/47669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10948
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8606
https://usn.ubuntu.com/714-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management errors in Linux kernel