CVE-2008-5029 Information
Description
The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4 2.6.26 and earlier makes indirect recursive calls to itself through calls to the fput function which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.
Reference
http://archives.neohapsis.com/archives/bugtraq/2009-01/0006.html http://darkircop.org/unix.c http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.9 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://marc.info/?l=linux-netdev&m=122593044330973&w=2 http://secunia.com/advisories/32918 http://secunia.com/advisories/32998 http://secunia.com/advisories/33180 http://secunia.com/advisories/33556 http://secunia.com/advisories/33586 http://secunia.com/advisories/33623 http://secunia.com/advisories/33641 http://secunia.com/advisories/33704 http://securityreason.com/securityalert/4573 http://www.debian.org/security/2008/dsa-1681 http://www.debian.org/security/2008/dsa-1687 http://www.mandriva.com/security/advisories?name=MDVSA-2008:234 http://www.openwall.com/lists/oss-security/2008/11/06/1 http://www.redhat.com/support/errata/RHSA-2009-0009.html http://www.redhat.com/support/errata/RHSA-2009-0014.html http://www.redhat.com/support/errata/RHSA-2009-0225.html http://www.securityfocus.com/archive/1/499700/100/0/threaded http://www.securityfocus.com/archive/1/499744/100/0/threaded http://www.securityfocus.com/archive/1/512019/100/0/threaded http://www.securityfocus.com/bid/32154 http://www.securityfocus.com/bid/33079 http://www.securitytracker.com/id?1021292 http://www.securitytracker.com/id?1021511 http://www.ubuntu.com/usn/usn-679-1 https://bugzilla.redhat.com/show_bug.cgi?id=470201 https://exchange.xforce.ibmcloud.com/vulnerabilities/46538 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11694 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9558 https://rhn.redhat.com/errata/RHSA-2009-1550.html
Share on: