CVE-2008-4410 — Vulnetix

Try Vulnetix Request Demo

CVE-2008-4410 PUBLISHED CVSS 4.900000095367432 MEDIUM

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247.

EPSS 0.06% · 19.0th percentile

Risk Scores

CVSS v2.0

4.900000095367432

EPSS Score

0.06%

19.0th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
linux	linux_kernel	2.6.26.5

Timeline

Oct 3, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

linux-kernel-vmiwriteldtentry-dos(45687) vdb
SUSE-SA:2008:053 vendor-advisory
FEDORA-2008-8929 vendor-advisory
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=de59985e3a623d4d5d6207f1777398ca0606ab1c url
[oss-security] 20081003 CVE request: kernel: x86: Fix broken LDT access in VMI mailing-list
32386 third-party-advisory
FEDORA-2008-8980 vendor-advisory
31565 vdb
48743 vdb
32124 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2008-4410 advisory
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=de59985e3a623d4d5d6207f1777398ca0606ab1c url

Open in Interactive Console →