CVE-2007-4308

Table of Contents

Impact:
Moderate
Public Date:
2007-07-23
Bugzilla:
252309: CVE-2007-4308 kernel: Missing ioctl() permission checks in aacraid driver

The MITRE CVE dictionary describes this issue as:

The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.

Find out more about CVE-2007-4308 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (kernel) RHSA-2007:1049 2007-12-03
Red Hat Enterprise Linux 4 (kernel) RHSA-2007:0939 2007-11-01
Red Hat Enterprise Linux 5 (kernel) RHSA-2007:0940 2007-10-22
Red Hat Enterprise Linux 2.1 (kernel) RHSA-2009:0001 2009-01-08
Red Hat Enterprise Linux 2.1 (kernel) RHSA-2008:0787 2009-01-05
Last Modified

CVE description copyright © 2017, The MITRE Corporation