CVE-2008-4554

Severity

46%

Complexity

39%

Confidentiality

106%

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 16 years ago

2008-10-15 20:07:00

Last updated 7 years ago

2017-09-29 01:32:00

Affected Software

Linux Kernel 2.6.18

2.6.18

Linux Kernel 2.6.18 Release Candidate 1

2.6.18

Linux Kernel 2.6.18 Release Candidate 2

2.6.18

Linux Kernel 2.6.18 Release Candidate 3

2.6.18

Linux Kernel 2.6.18 Release Candidate 4

2.6.18

Linux Kernel 2.6.18 Release Candidate 5

2.6.18

Linux Kernel 2.6.18 Release Candidate 6

2.6.18

Linux Kernel 2.6.18 Release Candidate 7

2.6.18

Linux Kernel 2.6.19.4

2.6.19.4

Linux Kernel 2.6.19.5

2.6.19.5

Linux Kernel 2.6.19.6

2.6.19.6

Linux Kernel 2.6.19.7

2.6.19.7

Linux Kernel 2.6.20.16

2.6.20.16

Linux Kernel 2.6.20.17

2.6.20.17

Linux Kernel 2.6.20.18

2.6.20.18

Linux Kernel 2.6.20.19

2.6.20.19

Linux Kernel 2.6.20.20

2.6.20.20

Linux Kernel 2.6.20.21

2.6.20.21

Linux Kernel 2.6.21.5

2.6.21.5

Linux Kernel 2.6.21.6

2.6.21.6

Linux Kernel 2.6.21.7

2.6.21.7

Linux Kernel 2.6.22

2.6.22

Linux Kernel 2.6.22.1

2.6.22.1

Linux Kernel 2.6.22.2

2.6.22.2

Linux Kernel 2.6.22.8

2.6.22.8

Linux Kernel 2.6.22.9

2.6.22.9

Linux Kernel 2.6.22.10

2.6.22.10

Linux Kernel 2.6.22.11

2.6.22.11

Linux Kernel 2.6.22.12

2.6.22.12

Linux Kernel 2.6.22.13

2.6.22.13

Linux Kernel 2.6.22.14

2.6.22.14

Linux Kernel 2.6.22.15

2.6.22.15

Linux Kernel 2.6.22.17

2.6.22.17

Linux Kernel 2.6.22.18

2.6.22.18

Linux Kernel 2.6.22.19

2.6.22.19

Linux Kernel 2.6.22.20

2.6.22.20

Linux Kernel 2.6.22.21

2.6.22.21

Linux Kernel 2.6.22.22

2.6.22.22

Linux Kernel 2.6.23

2.6.23

Linux Kernel 2.6.23.8

2.6.23.8

Linux Kernel 2.6.23.9

2.6.23.9

Linux Kernel 2.6.23.10

2.6.23.10

Linux Kernel 2.6.23.11

2.6.23.11

Linux Kernel 2.6.23.12

2.6.23.12

Linux Kernel 2.6.23.13

2.6.23.13

Linux Kernel 2.6.23.16

2.6.23.15

Linux Kernel 2.6.23.16

2.6.23.16

Linux Kernel 2.6.23.17

2.6.23.17

Linux Kernel 2.6.24

2.6.24

Linux Kernel 2.6.24.1

2.6.24.1

Linux Kernel 2.6.24.2

2.6.24.2

Linux Kernel 2.6.24.3

2.6.24.3

Linux Kernel 2.6.24.4

2.6.24.4

Linux Kernel 2.6.24.5

2.6.24.5

Linux Kernel 2.6.24.6

2.6.24.6

Linux Kernel 2.6.24.7

2.6.24.7

Linux Kernel 2.6.25

2.6.25

Linux Kernel 2.6.25.1

2.6.25.1

Linux Kernel 2.6.25.2

2.6.25.2

Linux Kernel 2.6.25.3

2.6.25.3

Linux Kernel 2.6.25.4

2.6.25.4

Linux Kernel 2.6.25.5

2.6.25.5

Linux Kernel 2.6.25.6

2.6.25.6

Linux Kernel 2.6.25.7

2.6.25.7

Linux Kernel 2.6.25.8

2.6.25.8

Linux Kernel 2.6.25.9

2.6.25.9

Linux Kernel 2.6.25.10

2.6.25.10

Linux Kernel 2.6.25.11

2.6.25.11

Linux Kernel 2.6.25.12

2.6.25.12

Linux Kernel 2.6.25.13

2.6.25.13

Linux Kernel 2.6.25.14

2.6.25.14

Linux Kernel 2.6.25.15

2.6.25.15

Linux Kernel 2.6.26 Release Candidate 4

2.6.26

Linux Kernel 2.6.26.1

2.6.26.1

Linux Kernel 2.6.26.2

2.6.26.2

Linux Kernel 2.6.26.3

2.6.26.3

Linux Kernel 2.6.26.4

2.6.26.4

Linux Kernel

References

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=efc968d450e013049a662d22727cf132618dcb2f

SUSE-SA:2009:030

32386

Vendor Advisory

32918

32998

33180

33182

33586

35390

DSA-1681

DSA-1687

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27

MDVSA-2008:224

[oss-security] 20081013 CVE request: kernel: don't allow splice() to files opened with O_APPEND

[oss-security] 20081014 Re: CVE request: kernel: don't allow splice() to files opened with O_APPEND

RHSA-2008:1017

RHSA-2009:0009

31903

USN-679-1

https://bugzilla.redhat.com/show_bug.cgi?id=466707

linux-kernel-dosplicefrom-security-bypass(45954)

oval:org.mitre.oval:def:11142

FEDORA-2008-8980

FEDORA-2008-8929

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.