CVE-2008-1375

Priority
Medium
Description
Race condition in the directory notification subsystem (dnotify) in Linux
kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local
users to cause a denial of service (OOPS) and possibly gain privileges via
unspecified vectors.
References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=214b7049a7929f03bbd2786aaef04b8b79db34e2
http://www.ubuntu.com/usn/usn-614-1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
http://www.ubuntu.com/usn/usn-618-1
Bugs
https://bugs.launchpad.net/bugs/225948
Notes
kees> ABI changer due to header addition?
kees> http://svn.debian.org/wsvn/kernel/dists/etch-security/linux-2.6/debian/patches/bugfix/dnotify-race-avoid-abi-change.patch?op=file&rev=0&sc=0
Package
Source: linux-source-2.6.20 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux-source-2.6.15 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux-source-2.6.22 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:pending (2.6.26-rc1)
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-18.32)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:40 UTC (commit 5347)