CVE-2008-3528

Impact:
Low
Public Date:
2008-09-13
Bugzilla:
459577: CVE-2008-3528 Linux kernel ext[234] directory corruption denial of service

The MITRE CVE dictionary describes this issue as:

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.

Find out more about CVE-2008-3528 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 2.1
Base Metrics AV:L/AC:L/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
MRG Grid for RHEL 5 Server (kernel-rt) RHSA-2009:0009 2009-01-22
Red Hat Enterprise Linux 4 (kernel) RHSA-2008:0972 2008-11-19
Red Hat Enterprise Linux 5 (kernel) RHSA-2009:0326 2009-04-01

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.