CVE-2008-5029

The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.

🔗 References (72)

• cve@mitrehttp://archives.neohapsis.com/archives/bugtraq/2009-01/0006.html
• cve@mitrehttp://darkircop.org/unix.c
• cve@mitrehttp://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.9
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html
• cve@mitrehttp://marc.info/?l=linux-netdev&m=122593044330973&w=2
• cve@mitrehttp://secunia.com/advisories/32918
• cve@mitrehttp://secunia.com/advisories/32998
• cve@mitrehttp://secunia.com/advisories/33180
• cve@mitrehttp://secunia.com/advisories/33556
• cve@mitrehttp://secunia.com/advisories/33586
• cve@mitrehttp://secunia.com/advisories/33623
• cve@mitrehttp://secunia.com/advisories/33641
• cve@mitrehttp://secunia.com/advisories/33704