High severity7.8NVD Advisory· Published Jul 9, 2008· Updated Apr 23, 2026

CVE-2008-2812

Description

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

Affected products

Avaya/Communication Manager
cpe:2.3:a:avaya:communication_manager:*:*:*:*:*:*:*:*
Range: >=3.1
Avaya/Expanded Meet Me Conferencing
cpe:2.3:a:avaya:expanded_meet-me_conferencing:*:*:*:*:*:*:*:*
Avaya/Intuity Audix Lx
cpe:2.3:a:avaya:intuity_audix_lx:2.0:*:*:*:*:*:*:*
Avaya/Meeting Exchange
cpe:2.3:a:avaya:meeting_exchange:5.0:*:*:*:*:*:*:*
Avaya/Message Networking
cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*
Avaya/Messaging Storage Server
cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*
Avaya/Proactive Contact
cpe:2.3:a:avaya:proactive_contact:4.0:*:*:*:*:*:*:*
Avaya/Sip Enablement Services2 versions
cpe:2.3:a:avaya:sip_enablement_services:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:avaya:sip_enablement_services:-:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:sip_enablement_services:4.0:*:*:*:*:*:*:*
Canonical (company)/Ubuntu Linux4 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.25.10
Novell/Linux Desktop
cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Desktop2 versions
cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server2 versions
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2008/dsa-1630nvdPatchThird Party Advisory
www.openwall.com/lists/oss-security/2008/07/03/2nvdMailing ListPatchThird Party Advisory
www.securityfocus.com/bid/30076nvdPatchThird Party AdvisoryVDB Entry
lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvdMailing ListThird Party Advisory
support.avaya.com/elmodocs2/security/ASA-2008-365.htmnvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/43687nvdThird Party AdvisoryVDB Entry
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632nvdThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633nvdThird Party Advisory
usn.ubuntu.com/637-1/nvdThird Party Advisory
kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10nvdBroken Link
secunia.com/advisories/30982nvdBroken Link
secunia.com/advisories/31048nvdBroken Link
secunia.com/advisories/31202nvdBroken Link
secunia.com/advisories/31229nvdBroken Link
secunia.com/advisories/31341nvdBroken Link
secunia.com/advisories/31551nvdBroken Link
secunia.com/advisories/31614nvdBroken Link
secunia.com/advisories/31685nvdBroken Link
secunia.com/advisories/32103nvdBroken Link
secunia.com/advisories/32370nvdBroken Link
secunia.com/advisories/32759nvdBroken Link
secunia.com/advisories/33201nvdBroken Link
www.redhat.com/support/errata/RHSA-2008-0612.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2008-0665.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2008-0973.htmlnvdBroken Link
www.vupen.com/english/advisories/2008/2063/referencesnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000