CVE-2008-3077

Priority
Low
Description
arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64
platform leaks task_struct references into the sys32_ptrace function, which
allows local users to cause a denial of service (system crash) or have
unspecified other impact via unknown vectors, possibly a use-after-free
vulnerability.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3077
Notes
kees> only an issue in 2.6.25
Package
Source: linux-source-2.6.20 (LP Ubuntu Debian)
Upstream:not-affected (code not present)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux-source-2.6.15 (LP Ubuntu Debian)
Upstream:not-affected (code not present)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux-source-2.6.22 (LP Ubuntu Debian)
Upstream:not-affected (code not present)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released
Ubuntu 8.04 LTS (Hardy Heron):not-affected (code not present)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git;a=commitdiff;h=1e9a615bfce7996ea4d815d45d364b47ac6a74e8
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:55 UTC (commit 5347)