Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-qv5k-g3b6-hfc2
Vulnerability ID VCID-qv5k-g3b6-hfc2
Aliases CVE-2008-2372
Summary kernel: Reinstate ZERO_PAGE optimization in 'get_user_pages()' and fix XIP
Status Published
Exploitability 0.5
Weighted Severity 4.4
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2008-2372
cvssv2 4.9 https://nvd.nist.gov/vuln/detail/CVE-2008-2372
Reference id Reference type URL
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=89f5b7da2a6bad2e84670422ab8192382a5aeb9f
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html
http://new-ubuntu-news.blogspot.com/2008/06/re-pending-stable-kernel-security_25.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2372.json
https://api.first.org/data/v1/epss?cve=CVE-2008-2372
http://secunia.com/advisories/30901
http://secunia.com/advisories/30982
http://secunia.com/advisories/31202
http://secunia.com/advisories/31628
http://secunia.com/advisories/32393
http://secunia.com/advisories/32485
https://exchange.xforce.ibmcloud.com/vulnerabilities/43550
https://issues.rpath.com/browse/RPL-2629
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9383
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207
http://www.redhat.com/support/errata/RHSA-2008-0585.html
http://www.redhat.com/support/errata/RHSA-2008-0957.html
http://www.ubuntu.com/usn/usn-659-1
http://www.ussg.iu.edu/hypermail/linux/kernel/0804.3/3203.html
452666 https://bugzilla.redhat.com/show_bug.cgi?id=452666
cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*
CVE-2008-2372 https://nvd.nist.gov/vuln/detail/CVE-2008-2372
RHSA-2008:0585 https://access.redhat.com/errata/RHSA-2008:0585
RHSA-2008:0957 https://access.redhat.com/errata/RHSA-2008:0957
USN-659-1 https://usn.ubuntu.com/659-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-2372
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.14737
EPSS Score 0.00048
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:59:03.608086+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2372.json 38.0.0