{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-09-16T00:00:00", "descriptions": [{"lang": "en", "value": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20080916 CVE request: kernel: splice: fix bad unlock_page() in error case", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64"}, {"name": "32485", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32485"}, {"name": "32237", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32237"}, {"name": "RHSA-2008:0957", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html"}, {"name": "linux-kernel-addtopagecachelru-dos(45191)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191"}, {"name": "DSA-1653", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1653"}, {"name": "oval:org.mitre.oval:def:10547", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434"}, {"name": "32759", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32759"}, {"name": "[linux-kernel] 20070720 [PATCH] splice: fix bad unlock_page() in error case", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lkml.org/lkml/2007/7/20/168"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2"}, {"name": "SUSE-SR:2008:025", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"}, {"name": "31201", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31201"}, {"tags": ["x_refsource_MISC"], "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4302", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20080916 CVE request: kernel: splice: fix bad unlock_page() in error case", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=6a860c979b35469e4d77da781a96bdb2ca05ae64", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=6a860c979b35469e4d77da781a96bdb2ca05ae64"}, {"name": "32485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32485"}, {"name": "32237", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32237"}, {"name": "RHSA-2008:0957", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html"}, {"name": "linux-kernel-addtopagecachelru-dos(45191)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191"}, {"name": "DSA-1653", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1653"}, {"name": "oval:org.mitre.oval:def:10547", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=462434", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434"}, {"name": "32759", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32759"}, {"name": "[linux-kernel] 20070720 [PATCH] splice: fix bad unlock_page() in error case", "refsource": "MLIST", "url": "http://lkml.org/lkml/2007/7/20/168"}, {"name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2", "refsource": "CONFIRM", "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2"}, {"name": "SUSE-SR:2008:025", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"}, {"name": "31201", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31201"}, {"name": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html", "refsource": "MISC", "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:08:35.153Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20080916 CVE request: kernel: splice: fix bad unlock_page() in error case", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64"}, {"name": "32485", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32485"}, {"name": "32237", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32237"}, {"name": "RHSA-2008:0957", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html"}, {"name": "linux-kernel-addtopagecachelru-dos(45191)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191"}, {"name": "DSA-1653", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1653"}, {"name": "oval:org.mitre.oval:def:10547", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434"}, {"name": "32759", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32759"}, {"name": "[linux-kernel] 20070720 [PATCH] splice: fix bad unlock_page() in error case", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lkml.org/lkml/2007/7/20/168"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2"}, {"name": "SUSE-SR:2008:025", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"}, {"name": "31201", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31201"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4302", "datePublished": "2008-09-29T17:00:00", "dateReserved": "2008-09-29T00:00:00", "dateUpdated": "2024-08-07T10:08:35.153Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3964F496-69A9-4EDE-B659-442233AC27C3", "versionEndExcluding": "2.6.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool."}, {"lang": "es", "value": "fs/splice.c en el subsistema \"splice\" en el kernel de Linux anterior a v2.6.22.2 no maneja de forma adecuada un fallo en la funci\u00f3n add_to_page_cache_Lru, y como consecuencia intentar desbloquear una p\u00e1gina que no est\u00e1 bloqueada, lo que permite que usuarios locales puedan provocar una denegaci\u00f3n de servicio (Error del Kernel y ca\u00edda del sistema), como se demostr\u00f3 por la herramienta \"fio I/O\"."}], "id": "CVE-2008-4302", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2008-09-29T17:17:29.283", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://lkml.org/lkml/2007/7/20/168"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/32237"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/32485"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/32759"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2008/dsa-1653"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/31201"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://lkml.org/lkml/2007/7/20/168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/32237"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/32485"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/32759"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2008/dsa-1653"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2008/09/16/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0957.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/31201"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45191"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.\n\nIt was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2008-0957.html", "lastModified": "2009-01-15T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2008:0957", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-92.1.18.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2008-11-04T00:00:00Z"}], "bugzilla": {"description": "kernel: splice: fix bad unlock_page() in error case", "id": "462434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=462434"}, "csaw": false, "details": ["fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool."], "name": "CVE-2008-4302", "public_date": "2007-07-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-4302\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-4302"], "statement": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.", "threat_severity": "Important"}