Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-3832 β€” NULL Pointer Dereference in Redhat Fedora

CWE-399CWE-476 β€” NULL Pointer Dereference6 documents6 sources
Severity
4.9MEDIUMNVD
EPSS
0.4%
top 41.80%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Redhat Fedora
Timeline
PublishedOct 3
Latest updateMay 2

Description

A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages0 packages

Also affects: Fedora 8, 9

πŸ”΄Vulnerability Details

2
GHSA
GHSA-7cqv-rq93-98pp: A certain Fedora patch for the utrace subsystem in the Linux kernel before 2β†—2022-05-02
β–Ά
CVEList
CVE-2008-3832: A certain Fedora patch for the utrace subsystem in the Linux kernel before 2β†—2008-10-03
β–Ά

πŸ’₯Exploits & PoCs

1
Exploit-DB
Linux Kernel (Fedora 8/9) - 'utrace_control' Null Pointer Dereference Denial of Service↗2008-10-02
β–Ά

πŸ“‹Vendor Advisories

1
Red Hat
kernel: null pointer dereference in utrace_control↗2008-10-02
β–Ά

πŸ’¬Community

1
Bugzilla
CVE-2008-3832 kernel: null pointer dereference in utrace_control↗2008-10-01
β–Ά
CVE-2008-3832 β€” NULL Pointer Dereference in Redhat | cvebase