CVE-2007-4308

Publication date 13 August 2007

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
linux-source-2.6.15 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper
Fixed 2.6.15-29.58
linux-source-2.6.17 7.04 feisty Not in release
6.10 edgy
Fixed 2.6.17.1-12.40
6.06 LTS dapper Not in release
linux-source-2.6.20 7.04 feisty
Fixed 2.6.20-16.31
6.10 edgy Not in release
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-510-1
    • Linux kernel vulnerabilities
    • 31 August 2007
    • USN-509-1
    • Linux kernel vulnerabilities
    • 30 August 2007
    • USN-508-1
    • Linux kernel vulnerabilities
    • 31 August 2007

Other references