// For flags

CVE-2008-3528

Linux kernel ext[234] directory corruption denial of service

Severity Score

7.7
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.

La funcionalidad de error de informe en (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, y posiblemente en (3) fs/ext4/dir.c en el kernet de Linux v2.6.26.5 no limita el número de mensajes de consola printk que informa de la corrupción de directorio, lo cual permite a atacantes aproximarse físicamente para causar denegación de servicio (cuelgue temporal del sistema) montando un archivo de sistema corrupto con valores dir->i_size y dir->i_blocks e interpretando operaciones de (a) lectura o (b) escritura. NOTA: hay escenarios limitados en los cuales estos cruzan los límites de privilegios.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-08-07 CVE Reserved
  • 2008-09-27 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (39)
URL Tag Source
http://lkml.org/lkml/2008/9/17/371 Mailing List
http://secunia.com/advisories/32356 Third Party Advisory
http://secunia.com/advisories/32370 Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2008-0316 X_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316 X_refsource_confirm
http://www.openwall.com/lists/oss-security/2008/09/18/2 Mailing List
http://www.securityfocus.com/archive/1/498285/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/507985/100/0/threaded Mailing List
http://www.vmware.com/security/advisories/VMSA-2009-0016.html X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/45720 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10852 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8642 Signature
URL Date SRC
http://lkml.org/lkml/2008/9/13/98 2024-08-07
http://lkml.org/lkml/2008/9/13/99 2024-08-07
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2008-0972.html 2023-11-07
http://secunia.com/advisories/32509 2023-11-07
http://secunia.com/advisories/32709 2023-11-07
http://secunia.com/advisories/32759 2023-11-07
http://secunia.com/advisories/32799 2023-11-07
http://secunia.com/advisories/32998 2023-11-07
http://secunia.com/advisories/33180 2023-11-07
http://secunia.com/advisories/33586 2023-11-07
http://secunia.com/advisories/33758 2023-11-07
http://secunia.com/advisories/37471 2023-11-07
http://www.debian.org/security/2008/dsa-1681 2023-11-07
http://www.debian.org/security/2008/dsa-1687 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2008:224 2023-11-07
http://www.redhat.com/support/errata/RHSA-2009-0009.html 2023-11-07
http://www.redhat.com/support/errata/RHSA-2009-0326.html 2023-11-07
http://www.ubuntu.com/usn/usn-662-1 2023-11-07
http://www.vupen.com/english/advisories/2009/3316 2023-11-07
https://bugzilla.redhat.com/show_bug.cgi?id=459577 2009-04-01
https://access.redhat.com/security/cve/CVE-2008-3528 2009-04-01
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.6.26.5
Search vendor "Linux" for product "Linux Kernel" and version "2.6.26.5"
-
Affected