Public Date:
CWE-662 -> CWE-362 -> CWE-672 -> CWE-476
472325: CVE-2008-5182 kernel: fix inotify watch removal/umount races

The MITRE CVE dictionary describes this issue as:

The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.

Find out more about CVE-2008-5182 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 7.2
Base Metrics AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 5 (kernel) RHSA-2009:0225 2009-01-20
MRG Grid for RHEL 5 Server (kernel-rt) RHSA-2009:0053 2009-02-04
Red Hat Enterprise Linux EUS (v. 5.2 server) (kernel) RHSA-2009:0021 2009-02-25