CVE-2008-5713
published 2008-12-24CVE-2008-5713: The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft…
PriorityP417medium4.9CVSS 2.0
AVLACLAuNCNINAC
EXPLOIT
EPSS
0.74%
50.1th percentile
The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in UDP_STREAM mode.
Affected
221 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 2.6.24.7 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_redhat4.9MEDIUM
vendor_ubuntu4.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2009-01-29·CVSS 4.9
CVE-2008-5134 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Linux kernel vulnerabilities
Hugo Dias discovered that the ATM subsystem did not correctly manage socket
counts. A local attacker could exploit this to cause a system hang, leading
to a denial of service. (CVE-2008-5079)
It was discovered that the libertas wireless driver did not correctly
handle beacon and probe responses. A physically near-by attacker could
generate specially crafted wireless network traffic and cause a denial of
service. Ubuntu 6.06 was not affected. (CVE-2008-5134)
It was discovered that the inotify subsystem contained watch removal race
conditions. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2008-5182)
Dann Frazier discovered that in certain situations sendmsg did not
c
Red Hat
kernel: soft lockup occurs when network load is very high
vendor_redhat·2008-03-28·CVSS 4.9
CVE-2008-5713 [MEDIUM] kernel: soft lockup occurs when network load is very high
kernel: soft lockup occurs when network load is very high
The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in UDP_STREAM mode.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.
GHSA
GHSA-mv9w-4qcx-3jmc: The __qdisc_run function in net/sched/sch_generic
ghsa_unreviewed·2022-05-14
CVE-2008-5713 [MEDIUM] GHSA-mv9w-4qcx-3jmc: The __qdisc_run function in net/sched/sch_generic
The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application in UDP_STREAM mode.
No detection rules found.
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=2ba2506ca7ca62c56edaa334b0fe61eb5eab6ab0http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25http://openwall.com/lists/oss-security/2008/12/23/1http://rhn.redhat.com/errata/RHSA-2009-0264.htmlhttp://secunia.com/advisories/33706http://secunia.com/advisories/33858http://secunia.com/advisories/35011http://www.debian.org/security/2009/dsa-1794http://www.securityfocus.com/bid/32985https://bugzilla.redhat.com/show_bug.cgi?id=477744https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9385https://usn.ubuntu.com/714-1/http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=2ba2506ca7ca62c56edaa334b0fe61eb5eab6ab0http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25http://openwall.com/lists/oss-security/2008/12/23/1http://rhn.redhat.com/errata/RHSA-2009-0264.htmlhttp://secunia.com/advisories/33706http://secunia.com/advisories/33858http://secunia.com/advisories/35011http://www.debian.org/security/2009/dsa-1794http://www.securityfocus.com/bid/32985https://bugzilla.redhat.com/show_bug.cgi?id=477744https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9385https://usn.ubuntu.com/714-1/
2008-12-24
Published