VYPR
High severity7.8NVD Advisory· Published Jul 9, 2008· Updated Jun 16, 2026

CVE-2008-2931

CVE-2008-2931

Description

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <2.6.22
    • (no CPE)range: <2.6.22
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:sp1:*:*:*:*:*:*
    • cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp1:*:*:*:*:*:*
    • cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*
    Range: >=10.3,<=11.0

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.