Medium severity5.5NVD Advisory· Published Aug 12, 2008· Updated Apr 23, 2026
CVE-2008-3275
CVE-2008-3275
Description
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
Affected products
8- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
31- www.debian.org/security/2008/dsa-1630nvdPatchThird Party Advisory
- www.debian.org/security/2008/dsa-1636nvdPatchThird Party Advisory
- www.securityfocus.com/bid/30647nvdPatchThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- lkml.org/lkml/2008/7/2/83nvdExploitMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.htmlnvdMailing ListThird Party Advisory
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/44410nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10744nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6551nvdThird Party Advisory
- usn.ubuntu.com/637-1/nvdThird Party Advisory
- kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.15nvdBroken Link
- secunia.com/advisories/31551nvdBroken Link
- secunia.com/advisories/31614nvdBroken Link
- secunia.com/advisories/31836nvdBroken Link
- secunia.com/advisories/31881nvdBroken Link
- secunia.com/advisories/32023nvdBroken Link
- secunia.com/advisories/32104nvdBroken Link
- secunia.com/advisories/32190nvdBroken Link
- secunia.com/advisories/32344nvdBroken Link
- secunia.com/advisories/33201nvdBroken Link
- secunia.com/advisories/33280nvdBroken Link
- secunia.com/advisories/33556nvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.redhat.com/support/errata/RHSA-2008-0787.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2008-0857.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2008-0885.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2008-0973.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2009-0014.htmlnvdBroken Link
- www.vupen.com/english/advisories/2008/2430nvdBroken Link
News mentions
0No linked articles in our index yet.