CVE-2008-3534

Published: Aug 8, 2008Modified: Apr 23, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count.

Affected (5)

Products: Linux: Linux Kernel · Debian: Debian Linux · Canonical: Ubuntu Linux

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.26.1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 4.0

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 6.06
Canonical Ubuntu Linux	Version 7.10
Canonical Ubuntu Linux	Version 8.04

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (22)

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=14fcc23fdc78e9d32372553ccf21758a9bd56fa1

Source: cve@mitre.org

http://lkml.org/lkml/2008/7/26/71

Source: cve@mitre.org

ExploitThird Party Advisory

http://secunia.com/advisories/31881

Source: cve@mitre.org

Third Party Advisory

http://secunia.com/advisories/32190

Source: cve@mitre.org

Third Party Advisory

http://secunia.com/advisories/32393

Source: cve@mitre.org

Third Party Advisory

http://www.debian.org/security/2008/dsa-1636

Source: cve@mitre.org

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1

Source: cve@mitre.org

Broken Link

http://www.redhat.com/support/errata/RHSA-2008-0857.html

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/31134

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/usn-659-1

Source: cve@mitre.org

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/44489

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=14fcc23fdc78e9d32372553ccf21758a9bd56fa1

Source: af854a3a-2127-422b-91ae-364da2661108

http://lkml.org/lkml/2008/7/26/71

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

http://secunia.com/advisories/31881

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://secunia.com/advisories/32190

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://secunia.com/advisories/32393

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.debian.org/security/2008/dsa-1636

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.redhat.com/support/errata/RHSA-2008-0857.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/31134

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/usn-659-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/44489

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.