Cloud security intelligence for modern infrastructure.

Stay informed

📬 Product updates & blog posts🛡️ CVE alerts & security advisories

Frequency:

Sent from noreply@echelongraph.io · Unsubscribe anytime

Product

Overview
Enterprise
Agents
AI Analyst
Pricing
Compare
vs. Competitors

Resources

CVE Pulse
Compliance Directory
Newsletter
Documentation
Readiness Calculator
Blog

Security Tools

Surface Scanner
AI Security Index
AI Threat Map
Shadow AI Radar
Shadow Engine Map

Company

Design Partners
Changelog
Contact

Legal

Privacy
Terms
Security
DPA

SOC 2 Type IIISO 27001GDPRHIPAA Ready

Home›CVE Pulse›CVE-2008-0008

CVE-2008-0008

NONECVSS 0.0

0.0

The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.

📅 Published

January 29, 2008

🔄 Last Modified

April 23, 2026

🔗 References (36)

secalert@redhathttp://bugs.gentoo.org/show_bug.cgi?id=207214
secalert@redhathttp://pulseaudio.org/changeset/2100
secalert@redhathttp://secunia.com/advisories/28608
secalert@redhathttp://secunia.com/advisories/28623
secalert@redhathttp://secunia.com/advisories/28738
secalert@redhathttp://secunia.com/advisories/28952
secalert@redhathttp://security.gentoo.org/glsa/glsa-200802-07.xml
secalert@redhathttp://www.debian.org/security/2008/dsa-1476
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2008:027
secalert@redhathttp://www.securityfocus.com/bid/27449
secalert@redhathttp://www.ubuntu.com/usn/usn-573-1
secalert@redhathttp://www.vupen.com/english/advisories/2008/0283
secalert@redhathttps://bugzilla.novell.com/show_bug.cgi?id=347822
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=425481
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/39992

💥

Dependency Blast Radius

See which npm, PyPI, Go, and Maven packages are affected by CVE-2008-0008

Explore →

Is Your Infrastructure Affected by CVE-2008-0008?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs