
CVE-2007-4308

Published: 13/08/2007 | Updated: 15/10/2018
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel prior to 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.

Vulnerable Product

adaptec aacraid_controller

Vendor Advisories

Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 running on 64-bit architectures. This update has been rated as having important security impact by the Red ...
Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 running on 32-bit architectures. This update has been rated as having important security impact by the Red ...
A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer (CVE-2007-3104) ...
A buffer overflow was discovered in the Moxa serial driver. Local attackers could execute arbitrary code and gain root privileges (CVE-2005-0504) ...
A flaw was discovered in the PPP over Ethernet implementation. Local attackers could manipulate ioctls and cause kernel memory consumption leading to a denial of service (CVE-2007-2525) ...
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-2172: Thomas Graf reported a typo in the IPv4 protocol handler that could be used by a local a ...
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-2731: infamous41md reported multiple integer overflows in the Sbus PROM driver that would allo ...

References

NVD-CWE-Other

http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.23-rc2
http://lkml.org/lkml/2007/7/23/195
http://www.securityfocus.com/bid/25216
http://secunia.com/advisories/26322
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
http://www.debian.org/security/2007/dsa-1363
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://www.mandriva.com/security/advisories?name=MDKSA-2007:195
http://www.redhat.com/support/errata/RHSA-2007-0940.html
http://www.redhat.com/support/errata/RHSA-2007-0939.html
http://www.redhat.com/support/errata/RHSA-2007-1049.html
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
http://www.ubuntu.com/usn/usn-510-1
http://www.ubuntu.com/usn/usn-508-1
http://www.ubuntu.com/usn/usn-509-1
http://secunia.com/advisories/26647
http://secunia.com/advisories/26643
http://secunia.com/advisories/26651
http://secunia.com/advisories/27322
http://secunia.com/advisories/27436
http://secunia.com/advisories/27212
http://secunia.com/advisories/27747
http://secunia.com/advisories/27912
http://secunia.com/advisories/27913
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://secunia.com/advisories/28806
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
http://www.debian.org/security/2008/dsa-1503
http://www.debian.org/security/2008/dsa-1504
http://securitytracker.com/id?1019470
http://secunia.com/advisories/29032
http://secunia.com/advisories/29058
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
http://secunia.com/advisories/29570
http://www.redhat.com/support/errata/RHSA-2008-0787.html
http://secunia.com/advisories/33280
http://www.vupen.com/english/advisories/2007/2786
http://www.vupen.com/english/advisories/2008/0637
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8872
http://www.securityfocus.com/archive/1/488457/100/0/threaded
https://access.redhat.com/errata/RHSA-2008:0787
https://nvd.nist.gov
https://usn.ubuntu.com/509-1/