Vulnerability-Lookup

CVE-2008-2137 (GCVE-0-2008-2137)

Vulnerability from cvelistv5 – Published: 2008-05-29 16:00 – Updated: 2024-08-07 08:49

Summary

The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

FKIE_CVE-2008-2137

Vulnerability from fkie_nvd - Published: 2008-05-29 16:32 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604	Exploit
cve@mitre.org	http://secunia.com/advisories/30368	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30499
cve@mitre.org	http://secunia.com/advisories/31107
cve@mitre.org	http://www.debian.org/security/2008/dsa-1588
cve@mitre.org	http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5
cve@mitre.org	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
cve@mitre.org	http://www.securityfocus.com/bid/29397
cve@mitre.org	http://www.securitytracker.com/id?1020119
cve@mitre.org	http://www.ubuntu.com/usn/usn-625-1
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1716/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42681
af854a3a-2127-422b-91ae-364da2661108	http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30368	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30499
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31107
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1588
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29397
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020119
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-625-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1716/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42681

Impacted products

Vendor	Product	Version
debian	debian_linux	4.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.1
linux	linux_kernel	2.6.2
linux	linux_kernel	2.6.3
linux	linux_kernel	2.6.4
linux	linux_kernel	2.6.5
linux	linux_kernel	2.6.6
linux	linux_kernel	2.6.7
linux	linux_kernel	2.6.8
linux	linux_kernel	2.6.9
linux	linux_kernel	2.6.10
linux	linux_kernel	2.6.11
linux	linux_kernel	2.6.11.4
linux	linux_kernel	2.6.11.5
linux	linux_kernel	2.6.11.6
linux	linux_kernel	2.6.11.7
linux	linux_kernel	2.6.11.8
linux	linux_kernel	2.6.11.11
linux	linux_kernel	2.6.11.12
linux	linux_kernel	2.6.12
linux	linux_kernel	2.6.12.1
linux	linux_kernel	2.6.12.2
linux	linux_kernel	2.6.12.3
linux	linux_kernel	2.6.12.4
linux	linux_kernel	2.6.12.5
linux	linux_kernel	2.6.12.6
linux	linux_kernel	2.6.12.12
linux	linux_kernel	2.6.12.22
linux	linux_kernel	2.6.13
linux	linux_kernel	2.6.13.1
linux	linux_kernel	2.6.13.2
linux	linux_kernel	2.6.13.3
linux	linux_kernel	2.6.13.4
linux	linux_kernel	2.6.14
linux	linux_kernel	2.6.14.1
linux	linux_kernel	2.6.14.2
linux	linux_kernel	2.6.14.3
linux	linux_kernel	2.6.14.4
linux	linux_kernel	2.6.14.5
linux	linux_kernel	2.6.15
linux	linux_kernel	2.6.15.1
linux	linux_kernel	2.6.15.2
linux	linux_kernel	2.6.15.3
linux	linux_kernel	2.6.15.4
linux	linux_kernel	2.6.15.5
linux	linux_kernel	2.6.15.11
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16.13
linux	linux_kernel	2.6.16.27
linux	linux_kernel	2.6.17
linux	linux_kernel	2.6.17.1
linux	linux_kernel	2.6.17.2
linux	linux_kernel	2.6.17.3
linux	linux_kernel	2.6.17.5
linux	linux_kernel	2.6.17.6
linux	linux_kernel	2.6.17.7
linux	linux_kernel	2.6.17.8
linux	linux_kernel	2.6.17.10
linux	linux_kernel	2.6.17.11
linux	linux_kernel	2.6.17.12
linux	linux_kernel	2.6.17.13
linux	linux_kernel	2.6.17.14
linux	linux_kernel	2.6.18
linux	linux_kernel	2.6.18.1
linux	linux_kernel	2.6.18.3
linux	linux_kernel	2.6.18.4
linux	linux_kernel	2.6.19
linux	linux_kernel	2.6.19.1
linux	linux_kernel	2.6.19.2
linux	linux_kernel	2.6.20
linux	linux_kernel	2.6.20.1
linux	linux_kernel	2.6.20.2
linux	linux_kernel	2.6.20.3
linux	linux_kernel	2.6.20.4
linux	linux_kernel	2.6.20.5
linux	linux_kernel	2.6.20.8
linux	linux_kernel	2.6.20.9
linux	linux_kernel	2.6.20.11
linux	linux_kernel	2.6.20.13
linux	linux_kernel	2.6.20.15
linux	linux_kernel	2.6.21
linux	linux_kernel	2.6.21.1
linux	linux_kernel	2.6.21.2
linux	linux_kernel	2.6.21.4
linux	linux_kernel	2.6.21.6
linux	linux_kernel	2.6.21.7
linux	linux_kernel	2.6.22
linux	linux_kernel	2.6.22.3
linux	linux_kernel	2.6.22.4
linux	linux_kernel	2.6.22.5
linux	linux_kernel	2.6.22.6
linux	linux_kernel	2.6.22.7
linux	linux_kernel	2.6.22.8
linux	linux_kernel	2.6.22.11
linux	linux_kernel	2.6.22.12
linux	linux_kernel	2.6.22.13
linux	linux_kernel	2.6.22.14
linux	linux_kernel	2.6.22.15
linux	linux_kernel	2.6.22.16
linux	linux_kernel	2.6.22.17
linux	linux_kernel	2.6.23
linux	linux_kernel	2.6.23.1
linux	linux_kernel	2.6.23.2
linux	linux_kernel	2.6.23.3
linux	linux_kernel	2.6.23.4
linux	linux_kernel	2.6.23.5
linux	linux_kernel	2.6.23.6
linux	linux_kernel	2.6.23.7
linux	linux_kernel	2.6.23.9
linux	linux_kernel	2.6.23.14
linux	linux_kernel	2.6.24.1
linux	linux_kernel	2.6.24.2
linux	linux_kernel	2.6.25
linux	linux_kernel	2.6.25.1
linux	linux_kernel	2.6.25.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B812DFE2-6FFA-4D31-839C-0CCB2B1310EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EED3D5-8F89-4B7F-A34B-52274B1A754F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F87AA89-F377-4BEB-B69F-809F5DA6176C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27AF62E-A026-43E9-89E6-CD807CE9DF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "79C2AE0E-DAE8-4443-B33F-6ABA9019AA88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D343B121-C007-49F8-9DE8-AA05CE58FF0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A0370A2-0A23-4E34-A2AC-8D87D051B0B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5738D628-0B2D-4F56-9427-2009BFCB6C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D7BBB5F-44F7-467F-B934-33ABF744A107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "0478831E-87B2-441F-AEC2-403A35FED1D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79B3AFE7-F4FF-4144-9046-E5926E305A03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7616E197-ACCA-4191-A513-FD48417C7F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED1AA7FC-F5B9-406C-ABE4-0BE5E9889619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EBB1A21-3826-4BC5-A243-AF8F8D1D4728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B81A4DD-2ADE-4455-B517-5E4E0532D5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "83700989-8820-48DA-A9FE-6A77DF1E8439",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6555D45B-D3B3-4455-AB1E-E513F9FB6139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA5E262-7825-496F-AA72-0AD6DE6F3C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E62F6FA-6C96-4AEE-8547-8C2FE1FAD998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE3ACE7A-A600-4ABB-B988-5D59D626DC0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F839622-3DE1-4A16-8BD2-5FA2CBF014D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC47887B-5608-47BE-85EE-563864461915",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "809264F1-763D-4A8F-B206-222332DD8732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A66ED53E-3139-4972-B027-D614BFFB8628",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "85A3AB7A-1959-4A57-B83D-B2753C43649E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8FB7FA3-727D-4BB9-937C-F4F5DA97FFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A60B265-5508-4EE0-980A-44BB0966FD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08CBC56-C820-4513-ABEC-1ABB3EFC3A15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E32E6BA-AFEF-44A8-B230-87DD043BB222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69E575B-BD1A-4E50-8D6F-131D5E08058E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6554469E-F6AE-4EB0-880E-CBFD196FEE31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F99CFC1-DCCE-47B9-98EF-84AEDAECE02E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D3A5FD5-4C42-4B00-8473-D5650FAED9C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "480F035A-A59D-4113-A246-DF108BB2F591",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D39E29-B2A0-4075-84AF-994C27AB0A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "19879317-B067-45DA-B497-21EBDDDC2521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AF8895-7BF8-458E-B2BB-68699AABC023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA768A9D-6C63-405E-9D14-5D68F8E93A91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA794BE8-1A22-4BF8-AB79-53E7BCE60D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D2606B-00A6-4FA3-A00D-B1E8A80B947C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "821BD11F-3C6A-4424-BC9B-DFD786248B07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD70B2B-9827-4DBB-B82D-0B70C2D4AB1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "99662904-E5E3-4E81-B199-39707EAEB652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A55028-B8F9-4AD2-AE57-A80D561F3C79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F26BA18-08AD-45FE-9F83-25CCB2E27270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBFF148-3EDA-4216-910B-8930D8C443C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "648C63F7-EA1D-4F2E-B8AF-1F380C83E542",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "1697B855-4834-4633-A5C8-C1F7F13ACE0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FBAE75F-9145-4B9A-A6D8-E488C5326145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "5990C6C2-2F66-4C4D-8224-74163865F410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5140380C-71BD-464F-AE53-1814C2653056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FB141B-FA2A-435D-8937-83FC0669CB20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59131C8-F66A-4380-9F6E-3FC14C7C8562",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5421616-4BF5-4269-8996-C3D2BA6AE2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FC6CE2-8717-4558-A309-A441D322F00E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "311BE336-7BB2-47C0-AED5-3DEA706C206F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAC2E9D-0E82-4866-9046-ADD448418198",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "67F2047A-5F17-4B59-9075-41A5DC5C1CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52152F5A-1833-4490-A373-9C547B90B0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B64A095E-5E97-445E-B435-F09983CC0E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "71295664-89EC-4BB3-9F86-B1DDA20FAC5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37BE853A-BA6F-4A70-B166-E34441F0B7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85064FDF-4B62-43BF-B36C-F659D739BC22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls."
    },
    {
      "lang": "es",
      "value": "Las funciones (1) sparc_mmap_check en arch/sparc/kernel/sys_sparc.c y (2) sparc64_mmap_check en arch/sparc64/kernel/sys_sparc.c, en el Kernel de Linux 2.6.25.3, omite ciertas validaciones de rangos de direcciones virtuales (tambi\u00e9n conocidas como span) cuando el bit nmap MAP_FIXED no est\u00e1 establecido, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de llamadas a nmpa sin especificar."
    }
  ],
  "id": "CVE-2008-2137",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-29T16:32:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30368"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30499"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31107"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2008/dsa-1588"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29397"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020119"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-625-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1716/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-625-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1716/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42681"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. Red Hat Enterprise Linux 2.1, 3, 4, and 5 do not ship for the SPARC architecture.",
      "lastModified": "2008-07-02T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-V3XM-X5GG-CV82

Vulnerability from github – Published: 2022-05-01 23:47 – Updated: 2022-05-01 23:47

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2137"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-29T16:32:00Z",
    "severity": "MODERATE"
  },
  "details": "The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls.",
  "id": "GHSA-v3xm-x5gg-cv82",
  "modified": "2022-05-01T23:47:03Z",
  "published": "2022-05-01T23:47:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2137"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42681"
    },
    {
      "type": "WEB",
      "url": "http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30368"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30499"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31107"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1588"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29397"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020119"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-625-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1716/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2008-2137

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-2137

Aliases

CVE-2008-2137

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2137",
    "description": "The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls.",
    "id": "GSD-2008-2137",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-2137.html",
      "https://www.debian.org/security/2008/dsa-1588"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2137"
      ],
      "details": "The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls.",
      "id": "GSD-2008-2137",
      "modified": "2023-12-13T01:23:01.297999Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-2137",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "linux-kernel-mmap-dos(42681)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42681"
          },
          {
            "name": "30368",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30368"
          },
          {
            "name": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5",
            "refsource": "CONFIRM",
            "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5"
          },
          {
            "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3",
            "refsource": "CONFIRM",
            "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3"
          },
          {
            "name": "ADV-2008-1716",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1716/references"
          },
          {
            "name": "1020119",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1020119"
          },
          {
            "name": "30499",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30499"
          },
          {
            "name": "DSA-1588",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1588"
          },
          {
            "name": "29397",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/29397"
          },
          {
            "name": "31107",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31107"
          },
          {
            "name": "[git-commits-head] 20080507 sparc: Fix mmap VA span checking.",
            "refsource": "MLIST",
            "url": "http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604"
          },
          {
            "name": "USN-625-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-625-1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2137"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[git-commits-head] 20080507 sparc: Fix mmap VA span checking.",
              "refsource": "MLIST",
              "tags": [
                "Exploit"
              ],
              "url": "http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3"
            },
            {
              "name": "DSA-1588",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1588"
            },
            {
              "name": "29397",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/29397"
            },
            {
              "name": "30368",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30368"
            },
            {
              "name": "31107",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31107"
            },
            {
              "name": "USN-625-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-625-1"
            },
            {
              "name": "30499",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30499"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5"
            },
            {
              "name": "ADV-2008-1716",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1716/references"
            },
            {
              "name": "1020119",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020119"
            },
            {
              "name": "linux-kernel-mmap-dos(42681)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42681"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2008-05-29T16:32Z"
    }
  }
}

CERTA-2008-AVI-252

Vulnerability from certfr_avis - Published: 2008-05-19 - Updated: 2008-06-25

Plusieurs vulnérabilités présentes dans le noyau Linux permettent à un utilisateur distant de provoquer un déni de service ou à un utilisateur local de contourner la politique de sécurité du système.

Description

Plusieurs vulnérabilités sont présentes dans le noyau Linux :

la première est relative à l'appel système sys_utimensat(). Elle permet à un utilisateur local de modifier les dates d'accès ou de modifications d'un fichier arbitraire sans tenir compte des droits d'accès normaux ;
la deuxième concerne le pilote mettant en œuvre l'encapsulation IPv6 dans IPv4 et permet à un utilisateur distant de provoquer une consommation excessive de la mémoire via un paquet particulier ;
la dernière concerne la fonction mmap() sur architecture de type SPARC. Cette vulnérabilité permet à un utilisateur local de provoquer un déni de service du système vulnérable.

Solution

La version 2.6.25.3 du noyau Linux corrige le problème :

http://www.kernel.org

Se référer au bulletin de sécurité des éditeurs de distributions pour l'obtention de correctifs (cf. section Documentation).

Les noyaux Linux versions 2.6.25.2 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-2137 (GCVE-0-2008-2137)

FKIE_CVE-2008-2137

GHSA-V3XM-X5GG-CV82

GSD-2008-2137

CERTA-2008-AVI-252

Description

Solution

Tags

Sightings

Nomenclature