Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-k2r6-f34x-guge

Summary kernel: splice: fix bad unlock_page() in error case

Aliases

alias	CVE-2008-4302

Fixed_packages

Affected_packages

url pkg:rpm/redhat/kernel@2.6.18-92.1.18?arch=el5

purl pkg:rpm/redhat/kernel@2.6.18-92.1.18?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3s7g-w417-u3f7

vulnerability	VCID-hjz4-81cy-w7az

vulnerability	VCID-j2ym-frqh-8ugt

vulnerability	VCID-jcyz-npd9-jugr

vulnerability	VCID-k2r6-f34x-guge

vulnerability	VCID-nvjg-9rzb-dufu

vulnerability	VCID-qv5k-g3b6-hfc2

vulnerability	VCID-r92j-bk4h-fqdn

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-92.1.18%3Farch=el5

References

reference_url	http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64
reference_id
reference_type
scores
url	http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=6a860c979b35469e4d77da781a96bdb2ca05ae64

reference_url	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2
reference_id
reference_type
scores
url	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

reference_url	http://lkml.org/lkml/2007/7/20/168
reference_id
reference_type
scores
url	http://lkml.org/lkml/2007/7/20/168

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4302.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-4302

reference_id

reference_type

scores

value	0.00156
scoring_system	epss
scoring_elements	0.35992
published_at	2026-05-09T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.35971
published_at	2026-05-07T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36328
published_at	2026-04-01T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36502
published_at	2026-04-02T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36536
published_at	2026-04-04T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36374
published_at	2026-04-07T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36424
published_at	2026-04-08T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36444
published_at	2026-04-09T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36452
published_at	2026-04-11T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36417
published_at	2026-04-12T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36395
published_at	2026-04-13T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36436
published_at	2026-04-16T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36419
published_at	2026-04-18T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36363
published_at	2026-04-21T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36139
published_at	2026-04-24T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36109
published_at	2026-04-26T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36023
published_at	2026-04-29T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.35903
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-4302

reference_url	http://secunia.com/advisories/32237
reference_id
reference_type
scores
url	http://secunia.com/advisories/32237

reference_url	http://secunia.com/advisories/32485
reference_id
reference_type
scores
url	http://secunia.com/advisories/32485

reference_url	http://secunia.com/advisories/32759
reference_id
reference_type
scores
url	http://secunia.com/advisories/32759

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/45191
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/45191

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10547

reference_url	http://www.debian.org/security/2008/dsa-1653
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1653

reference_url	http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html
reference_id
reference_type
scores
url	http://www.juniper.net/security/auto/vulnerabilities/vuln31201.html

reference_url	http://www.openwall.com/lists/oss-security/2008/09/16/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/09/16/10

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0957.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0957.html

reference_url	http://www.securityfocus.com/bid/31201
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/31201

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=462434
reference_id	462434
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=462434

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel::::::::
reference_id	cpe:2.3:o:linux:linux_kernel::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-4302

reference_id

CVE-2008-4302

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2008-4302

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32384.txt
reference_id	CVE-2008-4302;OSVDB-49898
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32384.txt

reference_url	https://www.securityfocus.com/bid/31201/info
reference_id	CVE-2008-4302;OSVDB-49898
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/31201/info

reference_url	https://access.redhat.com/errata/RHSA-2008:0957
reference_id	RHSA-2008:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0957

Weaknesses

cwe_id	667
name	Improper Locking
description	The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

Exploits

date_added	2007-07-20
description	Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2007-07-20
exploit_type	dos
platform	linux
source_date_updated	2014-03-20
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/31201/info

Severity_range_score 4.9 - 5.5

Exploitability 2.0

Weighted_severity 5.0

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2r6-f34x-guge

Vulnerability Instance