CVE-2008-0731

EUVD-2008-0741
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
novellapparmor
*
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
dapper
dne
edgy
dne
feisty
dne
gutsy
dne
hardy
not-affected
linux-source-2.6.15
dapper
not-affected
edgy
dne
feisty
dne
gutsy
dne
hardy
dne
linux-source-2.6.17
dapper
dne
edgy
not-affected
feisty
dne
gutsy
dne
hardy
dne
linux-source-2.6.20
dapper
dne
edgy
dne
feisty
not-affected
gutsy
dne
hardy
dne
linux-source-2.6.22
dapper
dne
edgy
dne
feisty
dne
gutsy
not-affected
hardy
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806