You are here

CVE-2008-5182

Vincent (CVE) Danen's picture
The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.

Details Source

Mitre

Public Date

2008-11-15 00:00:00

Impact

Important

Bugzilla

CVE-2008-5182 kernel: fix inotify watch removal/umount races

Bugzilla ID

472 325

CVSS Status

verified

Base Score

7.20

Base Metrics

AV:L/AC:L/Au:N/C:C/I:C/A:C

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (kernel) RHSA-2009:0225 2009-01-20
MRG Grid for RHEL 5 Server (kernel-rt) RHSA-2009:0053 2009-02-04
Red Hat Enterprise Linux EUS (v. 5.2 server) (kernel) RHSA-2009:0021 2009-02-25

CWE

CWE-662->CWE-362->CWE-672->CWE-476