Unrated severityNVD Advisory· Published Sep 4, 2008· Updated Apr 23, 2026

CVE-2008-3911

Description

The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/transports file.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lkml.org/lkml/2008/8/30/140nvdExploit
lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.htmlnvd
lkml.org/lkml/2008/8/30/184nvd
www.openwall.com/lists/oss-security/2008/09/04/2nvd
www.securityfocus.com/bid/31937nvd
exchange.xforce.ibmcloud.com/vulnerabilities/45136nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000