Home > Vulnerability Database > CVE-2008-3915

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2008-3915

Date: September 9, 2008

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

Severity Score

8.1

Related Resources (17)

Url: http://secunia.com/advisories/31881

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-3915

Url: http://www.openwall.com/lists/oss-security/2008/09/04/4

Url: http://secunia.com/advisories/32393

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=91b80969ba466ba4b915a4a1d03add8c297add3f

Url: http://www.redhat.com/support/errata/RHSA-2008-0857.html

Url: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-3915

Url: http://www.openwall.com/lists/oss-security/2008/09/04/18

Url: http://lkml.org/lkml/2008/9/3/286

Url: http://www.securityfocus.com/bid/31133

Url: https://bugzilla.redhat.com/show_bug.cgi?id=461101

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/45055

Url: http://secunia.com/advisories/32190

Url: http://www.debian.org/security/2008/dsa-1636

Url: http://www.ubuntu.com/usn/usn-659-1

Url: https://www.mend.io/vulnerability-database/CVE-2008-3915

Severity Score

8.1

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us