Vulnerabilities > CVE-2008-3077 - USE After Free vulnerability in Linux Kernel

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
linux
CWE-416

Summary

arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64 platform leaks task_struct references into the sys32_ptrace function, which allows local users to cause a denial of service (system crash) or have unspecified other impact via unknown vectors, possibly a use-after-free vulnerability.

Vulnerable Configurations

Part Description Count
OS
Linux
856

Common Weakness Enumeration (CWE)

Seebug

bulletinFamilyexploit
descriptionCVE(CAN) ID: CVE-2008-3077 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux kernel的arch/x86/kernel/ptrace.c文件中的sys32_ptrace()函数可能会溢出task_struct结构的refcount字段,本地攻击者可以在x86-64平台上利用这个漏洞触发释放后使用,导致系统崩溃。 Linux kernel &lt; 2.6.25.10 Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.10.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.10.tar.bz2</a>
idSSV:3608
last seen2017-11-19
modified2008-07-14
published2008-07-14
reporterRoot
titleLinux Kernel sys32_ptrace()函数多个释放后使用漏洞

Statements

contributorMark J Cox
lastmodified2008-07-09
organizationRed Hat
statementNot vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.