CVE-2008-3832: Null Pointer Dereference
First published: Wed Oct 01 2008(Updated: )
A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fedora | =8 | |
| Linux kernel | <=2.6.26.4 | |
| Linux kernel | =2.2.27 | |
| Linux kernel | =2.4.36 | |
| Linux kernel | =2.4.36.1 | |
| Linux kernel | =2.4.36.2 | |
| Linux kernel | =2.4.36.3 | |
| Linux kernel | =2.4.36.4 | |
| Linux kernel | =2.4.36.5 | |
| Linux kernel | =2.4.36.6 | |
| Linux kernel | =2.6 | |
| Linux kernel | =2.6.18 | |
| Linux kernel | =2.6.18-rc1 | |
| Linux kernel | =2.6.18-rc2 | |
| Linux kernel | =2.6.18-rc3 | |
| Linux kernel | =2.6.18-rc4 | |
| Linux kernel | =2.6.18-rc5 | |
| Linux kernel | =2.6.18-rc6 | |
| Linux kernel | =2.6.18-rc7 | |
| Linux kernel | =2.6.19.4 | |
| Linux kernel | =2.6.19.5 | |
| Linux kernel | =2.6.19.6 | |
| Linux kernel | =2.6.19.7 | |
| Linux kernel | =2.6.20.16 | |
| Linux kernel | =2.6.20.17 | |
| Linux kernel | =2.6.20.18 | |
| Linux kernel | =2.6.20.19 | |
| Linux kernel | =2.6.20.20 | |
| Linux kernel | =2.6.20.21 | |
| Linux kernel | =2.6.21.5 | |
| Linux kernel | =2.6.21.6 | |
| Linux kernel | =2.6.21.7 | |
| Linux kernel | =2.6.22 | |
| Linux kernel | =2.6.22.1 | |
| Linux kernel | =2.6.22.2 | |
| Linux kernel | =2.6.22.8 | |
| Linux kernel | =2.6.22.9 | |
| Linux kernel | =2.6.22.10 | |
| Linux kernel | =2.6.22.11 | |
| Linux kernel | =2.6.22.12 | |
| Linux kernel | =2.6.22.13 | |
| Linux kernel | =2.6.22.14 | |
| Linux kernel | =2.6.22.15 | |
| Linux kernel | =2.6.22.17 | |
| Linux kernel | =2.6.22.18 | |
| Linux kernel | =2.6.22.19 | |
| Linux kernel | =2.6.22.20 | |
| Linux kernel | =2.6.22.21 | |
| Linux kernel | =2.6.22.22 | |
| Linux kernel | =2.6.22_rc1 | |
| Linux kernel | =2.6.22_rc7 | |
| Linux kernel | =2.6.23 | |
| Linux kernel | =2.6.24 | |
| Linux kernel | =2.6.25 | |
| Linux kernel | =2.6.26 | |
| Linux kernel | =2.6.26.1 | |
| Linux kernel | =2.6.26.2 | |
| Linux kernel | =2.6.26.3 | |
| Fedora | =9 | |
| Linux kernel | =2.6.23.8 | |
| Linux kernel | =2.6.23.9 | |
| Linux kernel | =2.6.23.10 | |
| Linux kernel | =2.6.23.11 | |
| Linux kernel | =2.6.23.12 | |
| Linux kernel | =2.6.23.13 | |
| Linux kernel | =2.6.23.15 | |
| Linux kernel | =2.6.23.16 | |
| Linux kernel | =2.6.23.17 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2008/10/02/1
- http://www.securityfocus.com/bid/31536
- http://kerneloops.org/oops.php?number=56705
- https://bugzilla.redhat.com/show_bug.cgi?id=464883
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45644
- http://gnu.org/licenses/gpl.html
- http://article.gmane.org/gmane.comp.security.oss.general/1003
Frequently Asked Questions
What is the severity of CVE-2008-3832?
CVE-2008-3832 is classified as a high severity vulnerability due to its potential to cause denial of service.
How do I fix CVE-2008-3832?
To fix CVE-2008-3832, update your Fedora system to versions 2.6.26.5-28 or later for Fedora 8 and 2.6.26.5-45 or later for Fedora 9.
What systems are affected by CVE-2008-3832?
CVE-2008-3832 affects local users of Fedora 8 and Fedora 9 systems running specific versions of the Linux kernel.
How does CVE-2008-3832 exploit the system?
CVE-2008-3832 exploits the system by allowing a null pointer dereference through the utrace_control function, leading to a system crash or hang.
When was CVE-2008-3832 reported?
CVE-2008-3832 was reported on October 2, 2008, and is tied to vulnerabilities in the utrace subsystem of the Linux kernel.
- collector/nvd-historical
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-3832
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/fedora
- version/fedora/8
- vendor/linux
- canonical/linux kernel
- version/linux kernel/2.6.26.4
- version/linux kernel/2.2.27
- version/linux kernel/2.4.36
- version/linux kernel/2.4.36.1
- version/linux kernel/2.4.36.2
- version/linux kernel/2.4.36.3
- version/linux kernel/2.4.36.4
- version/linux kernel/2.4.36.5
- version/linux kernel/2.4.36.6
- version/linux kernel/2.6
- version/linux kernel/2.6.18
- version/linux kernel/2.6.18-rc1
- version/linux kernel/2.6.18-rc2
- version/linux kernel/2.6.18-rc3
- version/linux kernel/2.6.18-rc4
- version/linux kernel/2.6.18-rc5
- version/linux kernel/2.6.18-rc6
- version/linux kernel/2.6.18-rc7
- version/linux kernel/2.6.19.4
- version/linux kernel/2.6.19.5
- version/linux kernel/2.6.19.6
- version/linux kernel/2.6.19.7
- version/linux kernel/2.6.20.16
- version/linux kernel/2.6.20.17
- version/linux kernel/2.6.20.18
- version/linux kernel/2.6.20.19
- version/linux kernel/2.6.20.20
- version/linux kernel/2.6.20.21
- version/linux kernel/2.6.21.5
- version/linux kernel/2.6.21.6
- version/linux kernel/2.6.21.7
- version/linux kernel/2.6.22
- version/linux kernel/2.6.22.1
- version/linux kernel/2.6.22.2
- version/linux kernel/2.6.22.8
- version/linux kernel/2.6.22.9
- version/linux kernel/2.6.22.10
- version/linux kernel/2.6.22.11
- version/linux kernel/2.6.22.12
- version/linux kernel/2.6.22.13
- version/linux kernel/2.6.22.14
- version/linux kernel/2.6.22.15
- version/linux kernel/2.6.22.17
- version/linux kernel/2.6.22.18
- version/linux kernel/2.6.22.19
- version/linux kernel/2.6.22.20
- version/linux kernel/2.6.22.21
- version/linux kernel/2.6.22.22
- version/linux kernel/2.6.22_rc1
- version/linux kernel/2.6.22_rc7
- version/linux kernel/2.6.23
- version/linux kernel/2.6.24
- version/linux kernel/2.6.25
- version/linux kernel/2.6.26
- version/linux kernel/2.6.26.1
- version/linux kernel/2.6.26.2
- version/linux kernel/2.6.26.3
- version/fedora/9
- version/linux kernel/2.6.23.8
- version/linux kernel/2.6.23.9
- version/linux kernel/2.6.23.10
- version/linux kernel/2.6.23.11
- version/linux kernel/2.6.23.12
- version/linux kernel/2.6.23.13
- version/linux kernel/2.6.23.15
- version/linux kernel/2.6.23.16
- version/linux kernel/2.6.23.17