{ "threat_severity" : "Moderate", "public_date" : "2008-07-02T00:00:00Z", "bugzilla" : { "description" : "Linux kernel local filesystem DoS", "id" : "457858", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=457858" }, "details" : [ "The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service (\"overflow\" of the UBIFS orphan area) via a series of attempted file creations within deleted directories." ], "affected_release" : [ { "product_name" : "MRG for RHEL-5", "release_date" : "2008-10-07T00:00:00Z", "advisory" : "RHSA-2008:0857", "cpe" : "cpe:/a:redhat:enterprise_mrg:1::el5", "package" : "kernel-rt-0:2.6.24.7-81.el5rt" }, { "product_name" : "Red Hat Enterprise Linux 2.1", "release_date" : "2009-01-05T00:00:00Z", "advisory" : "RHSA-2008:0787", "cpe" : "cpe:/o:redhat:enterprise_linux:2.1", "package" : "kernel-0:2.4.18-e.67" }, { "product_name" : "Red Hat Enterprise Linux 2.1", "release_date" : "2009-01-08T00:00:00Z", "advisory" : "RHSA-2009:0001", "cpe" : "cpe:/o:redhat:enterprise_linux:2.1", "package" : "kernel-0:2.4.9-e.74" }, { "product_name" : "Red Hat Enterprise Linux 3", "release_date" : "2008-12-17T00:00:00Z", "advisory" : "RHSA-2008:0973", "cpe" : "cpe:/o:redhat:enterprise_linux:3", "package" : "kernel-0:2.4.21-58.EL" }, { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2009-01-14T00:00:00Z", "advisory" : "RHSA-2009:0014", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "kernel-0:2.6.9-78.0.13.EL" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2008-09-24T00:00:00Z", "advisory" : "RHSA-2008:0885", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "kernel-0:2.6.18-92.1.13.el5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2008-3275\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-3275" ], "name" : "CVE-2008-3275", "csaw" : false }