Unrated severityNVD Advisory· Published Apr 25, 2008· Updated Apr 23, 2026

CVE-2008-1940

Description

The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.

Affected products

Grsecurity/Grsecurity Kernel Patch7 versions
cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33:*:*:*:*:*:*:*
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33.2:*:*:*:*:*:*:*
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33.3:*:*:*:*:*:*:*
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.33.4:*:*:*:*:*:*:*
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.4.34:*:*:*:*:*:*:*
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.6.18:*:*:*:*:*:*:*
- cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.6.24.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29899nvdPatchVendor Advisory
www.securityfocus.com/bid/28889nvdPatch
www.grsecurity.org/news.phpnvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/1323/referencesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/41952nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000