CVE-2008-2358

{"id": "CVE-2008-2358", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-06-10T00:32:00.000", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30000", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30818", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30849", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30920", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31107", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1592", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:112", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:167", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0519.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/29603", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1020211", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-625-1", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447389", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43034", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9644", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00082.html", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow."}, {"lang": "es", "value": "Un desbordamiento de enteros en la funci\u00f3n dccp_feat_change en el archivo net/dccp/feat.c en el subsistema Datagram Congestion Control Protocol (DCCP) en el kernel de Linux versi\u00f3n 2.6.18, y versiones 2.6.17 hasta 2.6.20, permite a los usuarios locales alcanzar privilegios por medio de una longitud de funcionalidad no v\u00e1lida, lo que conlleva a un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."}], "lastModified": "2017-09-29T01:31:08.083", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7"}], "operator": "OR"}]}], "vendorComments": [{"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.\n\nIt was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2008-0519.html", "lastModified": "2009-01-15T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com", "evaluatorSolution": "Patch information can be found at the following location:\r\n\r\nhttp://lists.debian.org/debian-security-announce/2008/msg00172.html"}