CVE-2008-0600
Summary
| CVE | CVE-2008-0600 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-02-12 21:00:00 UTC |
| Updated | 2023-02-13 02:18:00 UTC |
| Description | The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010. |
Risk And Classification
Problem Types: CWE-94
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | 2.6.17 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.10 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.11 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.12 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.13 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.14 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.8 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.9 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc7 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.8 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.10 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.11 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.12 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.13 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.14 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.15 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.8 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.9 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git7 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc7 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.16 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.14 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.9 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.10 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.11 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.12 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.13 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.14 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.8 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.17.9 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18 | rc7 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.18.8 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.19.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.10 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.11 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.12 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.13 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.14 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.15 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.8 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.20.9 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | git7 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc4 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc5 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21 | rc7 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.21.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22 | rc6 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.16 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.22.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23 | rc1 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.1 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.14 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.2 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.3 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.4 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.5 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.6 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.7 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.23.9 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24 | All | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24 | rc2 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24 | rc3 | All | All |
| Operating System | Linux | Linux Kernel | 2.6.24.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| Advisories:rPSA-2008-0052 - rPath Wiki | CONFIRM | wiki.rpath.com | |
| 'Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit' - MARC | MLIST | marc.info | Exploit |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| USN-577-1: Linux kernel vulnerability | Ubuntu | UBUNTU | www.ubuntu.com | |
| Red Hat update for kernel - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| 'Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit' - MARC | MLIST | marc.info | Exploit |
| [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20 | SUSE | lists.opensuse.org | |
| Mandriva update for kernel - Secunia Advisories - Vulnerability Information - Secunia.com | SECUNIA | secunia.com | |
| Advisories:rPSA-2008-0052 - rPath Wiki | CONFIRM | wiki.rpath.com | |
| [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20 | SUSE | lists.opensuse.org | |
| SUSE update for kernel - Advisories - Secunia | SECUNIA | secunia.com | |
| 'Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit' - MARC | MLIST | marc.info | Exploit |
| Ubuntu update for kernel - Advisories - Secunia | SECUNIA | secunia.com | |
| Linux Kernel "vmsplice()" System Call Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| Bug 432251 – CVE-2008-0600 kernel vmsplice_to_pipe flaw | MISC | bugzilla.redhat.com | |
| Advisories | Mandriva | MANDRIVA | www.mandriva.com | |
| rPath update for kernel - Advisories - Secunia | SECUNIA | secunia.com | |
| Fedora update for kernel-xen - Advisories - Secunia | SECUNIA | secunia.com | |
| [SECURITY] Fedora 7 Update: kernel-xen-2.6-2.6.21-7.fc7 | FEDORA | www.redhat.com | |
| Bug 432229 – [SECURITY] CVE-2008-0600 local escalation of privilege | CONFIRM | bugzilla.redhat.com | |
| Bug 432517 – Vulnerability to CVE-2008-0600 (vmsplice) | CONFIRM | bugzilla.redhat.com | |
| Linux Kernel 2.6.17 - 2.6.24.1 vmsplice Local Root Exploit | EXPLOIT-DB | www.exploit-db.com | |
| Linux Kernel Prior to 2.6.24.2 'vmsplice_to_pipe()' Local Privilege Escalation Vulnerability | BID | www.securityfocus.com | |
| [security-announce] SUSE Security Announcement: Linux kernel security pr | SUSE | lists.opensuse.org | |
| [SECURITY] Fedora 8 Update: kernel-xen-2.6-2.6.21-2957.fc8 | FEDORA | www.redhat.com | |
| Debian -- Security Information -- DSA-1494-2 linux-2.6 | DEBIAN | www.debian.org | |
| Webmail - OVH | VUPEN | www.vupen.com | |
| [SECURITY] Fedora 7 Update: kernel-2.6.23.15-80.fc7 | FEDORA | www.redhat.com | |
| [SECURITY] Fedora 8 Update: kernel-2.6.23.15-137.fc8 | FEDORA | www.redhat.com | |
| SecurityTracker.com Archives - Linux Kernel vmsplice() Memory Dereference Bug Lets Local Users Gain Root Privileges | SECTRACK | securitytracker.com | |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| Advisories | Mandriva | MANDRIVA | www.mandriva.com | |
| access.redhat.com | CVE-2008-0600 | MISC | access.redhat.com | |
| RETIRED: Linux Kernel Multiple Prior to 2.6.24.1 Multiple Memory Access Vulnerabilities | BID | www.securityfocus.com | |
| Fedora update for kernel - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| 'Re: [stable] [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit' - MARC | MLIST | marc.info | Exploit |
| Debian update for linux-2.6 - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| SUSE update for kernel - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | |
| issues.rpath.com/browse/RPL-2237 | CONFIRM | issues.rpath.com | |
| SUSE update for kernel-rt - Advisories - Secunia | SECUNIA | secunia.com | |
| 'Re: [stable] [PATCH] kernel 2.6.24.1 still vulnerable to the' - MARC | MLIST | marc.info | Exploit |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Red Hat | 2008-02-13 | Mark J Cox | This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4. Updated kernel packages are available to correct this issue for Red Hat Enterprise Linux 5: https://rhn.redhat.com/errata/RHSA-2008-0129.html |
Legacy QID Mappings
- 591311 Bosch Rexroth PRA-ES8P2S Ethernet-Switch Multiple Vulnerabilities (BOSCH-SA-247053-BT)