CVE-2008-3915 : Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an u

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

Published 2008-09-11 01:13:41

Updated 2017-08-08 01:32:16

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Threat overview for CVE-2008-3915

Top countries where our scanners detected CVE-2008-3915

Top open port discovered on systems with this issue 52869

IPs affected by CVE-2008-3915 177,103

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2008-3915!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2008-3915

Probability of exploitation activity in the next 30 days: 66.51%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-3915

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-3915

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2008-3915

Red Hat 2009-01-15

This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5. It was addressed in Red Hat Enterprise MRG for RHEL-5 via: https://rhn.redhat.com/errata/RHSA-2008-0857.html

References for CVE-2008-3915

Products affected by CVE-2008-3915

Linux » Linux Kernel » Version: 2.6.18
cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22
cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.9
cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23
cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.19.7
cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.19.4
cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.19.5
cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.21.7
cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.21.6
cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.21.5
cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.20.20
cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.20.19
cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.20.16
cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.20.21
cpe:2.3:o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.20.18
cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.20.17
cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.20
cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.19
cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.8
cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.9
cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.13
cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.14
cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.15
cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.17
cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.18
cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.22
cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.21
cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.2
cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.10
cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.11
cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.22.12
cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.13
cpe:2.3:o:linux:linux_kernel:2.6.23.13:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.8
cpe:2.3:o:linux:linux_kernel:2.6.23.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.11
cpe:2.3:o:linux:linux_kernel:2.6.23.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.12
cpe:2.3:o:linux:linux_kernel:2.6.23.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.10
cpe:2.3:o:linux:linux_kernel:2.6.23.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.1
cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24
cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.11
cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.12
cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.2
cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.9
cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.16
cpe:2.3:o:linux:linux_kernel:2.6.23.16:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.6
cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.7
cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.1
cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.10
cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.7
cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.8
cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.15
cpe:2.3:o:linux:linux_kernel:2.6.23.15:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.23.17
cpe:2.3:o:linux:linux_kernel:2.6.23.17:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.4
cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.5
cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25
cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.15
cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.5
cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.6
cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.2
cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.24.3
cpe:2.3:o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.13
cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.14
cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.3
cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.25.4
cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*
Matching versions