CVE-2008-3527

arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.

Published: Nov 5, 2008
Updated: Nov 9, 2025
CVE: CVE-2008-3527
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.6.18-rc3	2.6.18-rc3.x
linux / linux_kernel	2.6.18-rc2	2.6.18-rc2.x
linux / linux_kernel	2.4.36.6	2.4.36.6.x
linux / linux_kernel	2.6.18-rc5	2.6.18-rc5.x
linux / linux_kernel	2.6.18-rc4	2.6.18-rc4.x
linux / linux_kernel	2.4.36.2	2.4.36.2.x
linux / linux_kernel	2.6.20.16	2.6.20.16.x
linux / linux_kernel	2.6.19.4	2.6.19.4.x
linux / linux_kernel	2.4.36.1	2.4.36.1.x
linux / linux_kernel	2.6.20.17	2.6.20.17.x
linux / linux_kernel	2.4.36.4	2.4.36.4.x
linux / linux_kernel	2.6.20.20	2.6.20.20.x
linux / linux_kernel	2.4.36.3	2.4.36.3.x
linux / linux_kernel	2.6.20.18	2.6.20.18.x
linux / linux_kernel	2.6.19.7	2.6.19.7.x
linux / linux_kernel	2.6.20.19	2.6.20.19.x
linux / linux_kernel	-	2.6.20.21.x
linux / linux_kernel	2.6.18-rc7	2.6.18-rc7.x
linux / linux_kernel	2.4.36	2.4.36.x
linux / linux_kernel	2.6.19.6	2.6.19.6.x
linux / linux_kernel	2.6.18-rc6	2.6.18-rc6.x
linux / linux_kernel	2.6.19.5	2.6.19.5.x
linux / linux_kernel	2.6.18	2.6.18.x
linux / linux_kernel	2.4.36.5	2.4.36.5.x
linux / linux_kernel	2.2.27	2.2.27.x
linux / linux_kernel	2.6.18-rc1	2.6.18-rc1.x
linux / linux_kernel	2.6	2.6.x

Vulnerability Database

314,496

CVE-2008-3527

Deep Security Visibility Without the Complexity