Oval Definition:oval:org.opensuse.security:def:20084210
Revision Date:2017-09-27Version:1
Title:CVE-2008-4210
Description:

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-4210
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise SDK 10 SP2
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp2-sdk is installed
  • AND kernel-kdump less than 2.6.16.60-0.31
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • kernel-debug less than 2.6.16.60-0.31
  • OR kernel-kdump less than 2.6.16.60-0.31
  • OR kernel-xen less than 2.6.16.60-0.31
  • OR kernel-xenpae less than 2.6.16.60-0.31
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • kernel-debug less than 2.6.16.60-0.31
  • OR kernel-kdump less than 2.6.16.60-0.31
  • OR kernel-xen less than 2.6.16.60-0.31
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND kernel-debug less than 2.6.16.60-0.31
    • BACK