Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
Severity: 5.5 MEDIUM (NVD)
EPSS: 0.2% (top 63.63%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Sep 29; latest update May 2

Description

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (1 package)

NVD: linux/linux_kernel < 2.6.22.2

Also affects: Debian Linux 4.0, Enterprise Linux 5.0

Patches

🔴 Vulnerability Details (1)

GHSA: GHSA-vxc2-696q-6c9j: fs/splice (2022-05-02)

💥 Exploits & PoCs (1)

Exploit-DB: Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service (2007-07-20)

📋 Vendor Advisories (1)

Red Hat: kernel: splice: fix bad unlock_page() in error case (2007-07-20)

📐 Framework References (3)

CWE: Improper Handling of Exceptional Conditions
CWE: Unlock of a Resource that is not Locked
CWE: Improper Locking

💬 Community (1)

Bugzilla: CVE-2008-4302 kernel: splice: fix bad unlock_page() in error case (2008-09-16)