CVE-2008-0010

The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.

Published: Feb 12, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-0010
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.6.23.4	2.6.23.4.x
linux / linux_kernel	2.6.22.4	2.6.22.4.x
linux / linux_kernel	2.6.23.7	2.6.23.7.x
linux / linux_kernel	2.6.24-rc3	2.6.24-rc3.x
linux / linux_kernel	2.6.22.1	2.6.22.1.x
linux / linux_kernel	2.6.22	2.6.22.x
linux / linux_kernel	2.6.23.1	2.6.23.1.x
linux / linux_kernel	2.6.22.7	2.6.22.7.x
linux / linux_kernel	2.6.23-rc2	2.6.23-rc2.x
linux / linux_kernel	2.6.23.9	2.6.23.9.x
linux / linux_kernel	2.6.22.6	2.6.22.6.x
linux / linux_kernel	2.6.23.3	2.6.23.3.x
linux / linux_kernel	2.6.22.3	2.6.22.3.x
linux / linux_kernel	2.6.23-rc1	2.6.23-rc1.x
linux / linux_kernel	2.6.23.14	2.6.23.14.x
linux / linux_kernel	2.6.23	2.6.23.x
linux / linux_kernel	2.6.23.2	2.6.23.2.x
linux / linux_kernel	2.6.24-rc2	2.6.24-rc2.x
linux / linux_kernel	2.6.23.5	2.6.23.5.x
linux / linux_kernel	2.6.23.6	2.6.23.6.x
linux / linux_kernel	2.6.22-rc6	2.6.22-rc6.x
linux / linux_kernel	2.6.22.5	2.6.22.5.x
linux / linux_kernel	2.6.22.16	2.6.22.16.x

Vulnerability Database

289,599

CVE-2008-0010