Oval Definition:oval:org.mitre.oval:def:22656
Revision Date:2014-05-26Version:32
Title:ELSA-2008:0885: kernel security and bug fix update (Important)
Description:The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-6417
CVE-2007-6716
CVE-2008-2931
CVE-2008-3272
CVE-2008-3275
ELSA-2008:0885-01
Platform(s):Oracle Linux 5
Product(s):kernel
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • kernel-headers is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-doc is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-PAE-devel is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-devel is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-debug is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-kdump is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-xen-devel is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-debug-devel is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-PAE is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-kdump-devel is earlier than 0:2.6.18-92.1.13.el5
  • OR kernel-xen is earlier than 0:2.6.18-92.1.13.el5
    • BACK