CVE-2008-5029

Publication date 10 November 2008

Last updated 24 July 2024

Ubuntu priority

The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.

From the Ubuntu Security Team

It was discovered that the Unix Socket handler did not correctly process the SCM_RIGHTS message. A local attacker could make a malicious socket request that would crash the system, leading to a denial of service.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
linux	8.10 intrepid	Fixed 2.6.27-9.19
	8.04 LTS hardy	Fixed 2.6.24-22.45
	7.10 gutsy	Not in release
	6.06 LTS dapper	Not in release
linux-source-2.6.15	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-53.74
linux-source-2.6.22	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Fixed 2.6.22-16.60
	6.06 LTS dapper	Not in release

Notes

kees

raised priority due to public PoC

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Introduced by 1da177e, fixed by f8d570a

References

Related Ubuntu Security Notices (USN)

USN-679-1
Linux kernel vulnerabilities
27 November 2008