CVE-2008-0731

The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
novellapparmor
*
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
hardy
not-affected
gutsy
dne
feisty
dne
edgy
dne
dapper
dne
linux-source-2.6.15
hardy
dne
gutsy
dne
feisty
dne
edgy
dne
dapper
not-affected
linux-source-2.6.17
hardy
dne
gutsy
dne
feisty
dne
edgy
not-affected
dapper
dne
linux-source-2.6.20
hardy
dne
gutsy
dne
feisty
not-affected
edgy
dne
dapper
dne
linux-source-2.6.22
hardy
dne
gutsy
not-affected
feisty
dne
edgy
dne
dapper
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806