CVE-2008-1375 — Race Condition in Kernel

CWE-362 — Race Condition7 documents5 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 78.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Canonical Ubuntu Linux Debian Linux +5 more

Timeline

PublishedMay 2

Latest updateMay 1

Description

Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages5 packages

▶NVDlinux/linux_kernel2.6.0 — 2.6.24.6+1

▶NVDsuse/linux_enterprise_server10, 9+1

▶NVDsuse/linux_enterprise_desktop10

▶NVDsuse/linux_enterprise_software_development_kit10

▶NVDopensuse/opensuse10.2, 10.3+1

Also affects: Debian Linux 4.0, Ubuntu Linux 6.06, 7.04, 7.10, 8.04, Fedora 8

Patches

Patch: marc.info ↗Patch: marc.info ↗Patch: marc.info ↗

🔴Vulnerability Details

GHSA

GHSA-7mhj-67x6-fh4q: Race condition in the directory notification subsystem (dnotify) in Linux kernel 2↗2022-05-01

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2008-06-19

▶

Ubuntu

Linux kernel vulnerabilities↗2008-06-03

▶

Red Hat

kernel: race condition in dnotify (local DoS, local roothole possible)↗2008-05-01

▶

💬Community

Bugzilla

CVE-2009-1376 CVE-2009-1373 CVE-2009-1374 CVE-2009-1375 Multiple pidgin vulnerabilities↗2009-05-26

▶

Bugzilla

CVE-2008-1375 kernel: race condition in dnotify (local DoS, local roothole possible)↗2008-03-31

▶