Your submission was sent successfully! Close

CVE-2008-4302

Published: 29 September 2008

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy Not vulnerable

intrepid Not vulnerable

jaunty Not vulnerable

upstream
Released (2.6.22.2)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper Not vulnerable
(code not present)
feisty Does not exist

gutsy Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

upstream Not vulnerable
(code not present)
linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Needed
(reached end-of-life)
gutsy Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

upstream Needed

linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Not vulnerable

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

upstream
Released (2.6.22.2)