CVE-2008-5025 — Vulnetix

CVE-2008-5025 PUBLISHED CVSS 7.800000190734863 HIGH

Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.

EPSS 1.41% · 80.9th percentile

Risk Scores

CVSS 2.0

7.800000190734863

EPSS Score

1.41%

80.9th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	*
linux	linux_kernel	0, 2.2.27, 2.4.36.1

Exploit Intelligence

32998 (circl)
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs (circl)
[oss-security] 20081111 Re: CVE requests: kernel: hfsplus-related bugs (circl)
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs (circl)
MDVSA-2008:246 (circl)
33641 (circl)
[oss-security] 20081111 Re: CVE requests: kernel: hfsplus-related bugs (circl)
32719 (circl)
RHSA-2009:0014 (circl)
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs (circl)

…and 19 more exploits

Timeline

Nov 17, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 17, 2023 EPSS Score

References

32998 third-party-advisory
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs mailing-list
[oss-security] 20081111 Re: CVE requests: kernel: hfsplus-related bugs mailing-list
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs mailing-list
MDVSA-2008:246 vendor-advisory
33641 third-party-advisory
[oss-security] 20081111 Re: CVE requests: kernel: hfsplus-related bugs mailing-list
32719 third-party-advisory
RHSA-2009:0014 vendor-advisory
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs mailing-list
33556 third-party-advisory
DSA-1687 vendor-advisory
RHSA-2009:0264 vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=470769 url
32918 third-party-advisory
33858 third-party-advisory
USN-679-1 vendor-advisory
49863 vdb
[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs mailing-list
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=d38b7aa7fc3371b52d036748028db50b585ade2e url

…and 11 more

Open in Interactive Console →