Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-frr7-cvec-w3d2
Vulnerability ID VCID-frr7-cvec-w3d2
Aliases CVE-2008-3535
Summary kernel: fix off-by-one error in iov_iter_advance()
Status Published
Exploitability 0.5
Weighted Severity 4.4
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-193 Off-by-one Error
System Score Found at
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
epss 0.00047 https://api.first.org/data/v1/epss?cve=CVE-2008-3535
cvssv2 4.9 https://nvd.nist.gov/vuln/detail/CVE-2008-3535
Reference id Reference type URL
http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3535.json
https://api.first.org/data/v1/epss?cve=CVE-2008-3535
http://secunia.com/advisories/31881
http://secunia.com/advisories/32190
http://secunia.com/advisories/32393
https://exchange.xforce.ibmcloud.com/vulnerabilities/44492
http://www.debian.org/security/2008/dsa-1636
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2
http://www.lkml.org/lkml/2008/7/30/446
http://www.redhat.com/support/errata/RHSA-2008-0857.html
http://www.securityfocus.com/bid/31132
http://www.ubuntu.com/usn/usn-659-1
457703 https://bugzilla.redhat.com/show_bug.cgi?id=457703
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*
CVE-2008-3535 https://nvd.nist.gov/vuln/detail/CVE-2008-3535
RHSA-2008:0857 https://access.redhat.com/errata/RHSA-2008:0857
USN-659-1 https://usn.ubuntu.com/659-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-3535
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.14358
EPSS Score 0.00047
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:58:58.191258+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3535.json 38.0.0