Medium severity5.5NVD Advisory· Published Sep 29, 2008· Updated Apr 23, 2026
CVE-2008-4302
CVE-2008-4302
Description
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.
Affected products
3- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- lkml.org/lkml/2007/7/20/168nvdExploitMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvdMailing ListThird Party Advisory
- www.debian.org/security/2008/dsa-1653nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2008/09/16/10nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/31201nvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/45191nvdThird Party AdvisoryVDB Entry
- kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2nvdBroken Link
- secunia.com/advisories/32237nvdBroken Link
- secunia.com/advisories/32485nvdBroken Link
- secunia.com/advisories/32759nvdBroken Link
- www.juniper.net/security/auto/vulnerabilities/vuln31201.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2008-0957.htmlnvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547nvdBroken Link
News mentions
0No linked articles in our index yet.