CVE-2008-0163

Linux Kernel - Symlink Following

Title source: rule

Description

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.

References (5)

[Third Party Advisory] http://secunia.com/advisories/28875

[Patch] http://www.debian.org/security/2008/dsa-1494

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/40486

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/27704

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/27798

Scores

EPSS 0.0003

EPSS Percentile 9.0%

Classification

CWE

CWE-59

Status draft

Affected Products (1)

linux/linux_kernel

Timeline

Published Feb 12, 2008

Tracked Since Feb 18, 2026