CVE-2008-4554

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
linuxlinux_kernel
𝑥
≤ 2.6.26.5
linuxlinux_kernel
2.2.27
linuxlinux_kernel
2.4.36
linuxlinux_kernel
2.4.36.1
linuxlinux_kernel
2.4.36.2
linuxlinux_kernel
2.4.36.3
linuxlinux_kernel
2.4.36.4
linuxlinux_kernel
2.4.36.5
linuxlinux_kernel
2.4.36.6
linuxlinux_kernel
2.6
linuxlinux_kernel
2.6.18
linuxlinux_kernel
2.6.18:rc1
linuxlinux_kernel
2.6.18:rc2
linuxlinux_kernel
2.6.18:rc3
linuxlinux_kernel
2.6.18:rc4
linuxlinux_kernel
2.6.18:rc5
linuxlinux_kernel
2.6.18:rc6
linuxlinux_kernel
2.6.18:rc7
linuxlinux_kernel
2.6.19.4
linuxlinux_kernel
2.6.19.5
linuxlinux_kernel
2.6.19.6
linuxlinux_kernel
2.6.19.7
linuxlinux_kernel
2.6.20.16
linuxlinux_kernel
2.6.20.17
linuxlinux_kernel
2.6.20.18
linuxlinux_kernel
2.6.20.19
linuxlinux_kernel
2.6.20.20
linuxlinux_kernel
2.6.20.21
linuxlinux_kernel
2.6.21.5
linuxlinux_kernel
2.6.21.6
linuxlinux_kernel
2.6.21.7
linuxlinux_kernel
2.6.22
linuxlinux_kernel
2.6.22.1
linuxlinux_kernel
2.6.22.2
linuxlinux_kernel
2.6.22.8
linuxlinux_kernel
2.6.22.9
linuxlinux_kernel
2.6.22.10
linuxlinux_kernel
2.6.22.11
linuxlinux_kernel
2.6.22.12
linuxlinux_kernel
2.6.22.13
linuxlinux_kernel
2.6.22.14
linuxlinux_kernel
2.6.22.15
linuxlinux_kernel
2.6.22.17
linuxlinux_kernel
2.6.22.18
linuxlinux_kernel
2.6.22.19
linuxlinux_kernel
2.6.22.20
linuxlinux_kernel
2.6.22.21
linuxlinux_kernel
2.6.22.22
linuxlinux_kernel
2.6.22_rc1:_rc1
linuxlinux_kernel
2.6.22_rc7:_rc7
linuxlinux_kernel
2.6.23
linuxlinux_kernel
2.6.23.8
linuxlinux_kernel
2.6.23.9
linuxlinux_kernel
2.6.23.10
linuxlinux_kernel
2.6.23.11
linuxlinux_kernel
2.6.23.12
linuxlinux_kernel
2.6.23.13
linuxlinux_kernel
2.6.23.15
linuxlinux_kernel
2.6.23.16
linuxlinux_kernel
2.6.23.17
linuxlinux_kernel
2.6.23_rc1:_rc1
linuxlinux_kernel
2.6.24
linuxlinux_kernel
2.6.24.1
linuxlinux_kernel
2.6.24.2
linuxlinux_kernel
2.6.24.3
linuxlinux_kernel
2.6.24.4
linuxlinux_kernel
2.6.24.5
linuxlinux_kernel
2.6.24.6
linuxlinux_kernel
2.6.24.7
linuxlinux_kernel
2.6.24_rc1:_rc1
linuxlinux_kernel
2.6.24_rc4:_rc4
linuxlinux_kernel
2.6.24_rc5:_rc5
linuxlinux_kernel
2.6.25
linuxlinux_kernel
2.6.25
linuxlinux_kernel
2.6.25.1
linuxlinux_kernel
2.6.25.1
linuxlinux_kernel
2.6.25.2
linuxlinux_kernel
2.6.25.2
linuxlinux_kernel
2.6.25.3
linuxlinux_kernel
2.6.25.3
linuxlinux_kernel
2.6.25.4
linuxlinux_kernel
2.6.25.4
linuxlinux_kernel
2.6.25.5
linuxlinux_kernel
2.6.25.5
linuxlinux_kernel
2.6.25.6
linuxlinux_kernel
2.6.25.6
linuxlinux_kernel
2.6.25.7
linuxlinux_kernel
2.6.25.7
linuxlinux_kernel
2.6.25.8
linuxlinux_kernel
2.6.25.8
linuxlinux_kernel
2.6.25.9
linuxlinux_kernel
2.6.25.9
linuxlinux_kernel
2.6.25.10
linuxlinux_kernel
2.6.25.10
linuxlinux_kernel
2.6.25.11
linuxlinux_kernel
2.6.25.11
linuxlinux_kernel
2.6.25.12
linuxlinux_kernel
2.6.25.12
linuxlinux_kernel
2.6.25.13
linuxlinux_kernel
2.6.25.14
linuxlinux_kernel
2.6.25.15
linuxlinux_kernel
2.6.26:rc4
linuxlinux_kernel
2.6.26.1
linuxlinux_kernel
2.6.26.2
linuxlinux_kernel
2.6.26.3
linuxlinux_kernel
2.6.26.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
intrepid
not-affected
hardy
Fixed 2.6.24-22.45
released
gutsy
dne
dapper
dne
linux-source-2.6.15
intrepid
dne
hardy
dne
gutsy
dne
dapper
not-affected
linux-source-2.6.22
intrepid
dne
hardy
dne
gutsy
Fixed 2.6.22-16.60
released
dapper
dne
Common Weakness Enumeration
References
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=efc968d450e013049a662d22727cf132618dcb2f
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
http://secunia.com/advisories/32386
http://secunia.com/advisories/32918
http://secunia.com/advisories/32998
http://secunia.com/advisories/33180
http://secunia.com/advisories/33182
http://secunia.com/advisories/33586
http://secunia.com/advisories/35390
http://www.debian.org/security/2008/dsa-1681
http://www.debian.org/security/2008/dsa-1687
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27
http://www.mandriva.com/security/advisories?name=MDVSA-2008:224
http://www.openwall.com/lists/oss-security/2008/10/13/1
http://www.openwall.com/lists/oss-security/2008/10/14/5
http://www.redhat.com/support/errata/RHSA-2008-1017.html
http://www.redhat.com/support/errata/RHSA-2009-0009.html
http://www.securityfocus.com/bid/31903
http://www.ubuntu.com/usn/usn-679-1
https://bugzilla.redhat.com/show_bug.cgi?id=466707
https://exchange.xforce.ibmcloud.com/vulnerabilities/45954
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11142
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=efc968d450e013049a662d22727cf132618dcb2f
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
http://secunia.com/advisories/32386
http://secunia.com/advisories/32918
http://secunia.com/advisories/32998
http://secunia.com/advisories/33180
http://secunia.com/advisories/33182
http://secunia.com/advisories/33586
http://secunia.com/advisories/35390
http://www.debian.org/security/2008/dsa-1681
http://www.debian.org/security/2008/dsa-1687
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27
http://www.mandriva.com/security/advisories?name=MDVSA-2008:224
http://www.openwall.com/lists/oss-security/2008/10/13/1
http://www.openwall.com/lists/oss-security/2008/10/14/5
http://www.redhat.com/support/errata/RHSA-2008-1017.html
http://www.redhat.com/support/errata/RHSA-2009-0009.html
http://www.securityfocus.com/bid/31903
http://www.ubuntu.com/usn/usn-679-1
https://bugzilla.redhat.com/show_bug.cgi?id=466707
https://exchange.xforce.ibmcloud.com/vulnerabilities/45954
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11142
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html