CVE		CVE-2008-0600
Status		Candidate
Description		The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Phase		Assigned (05.02.2008)
SecurityVulns:		Linux kernel multiple security vulnerabilities
NVD:		http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0600
References		BID : 27704
		BUGTRAQ : 20080212 rPSA-2008-0052-1 kernel
		CONFIRM : http://wiki.rpath.com/Advisories:rPSA-2008-0052
		DEBIAN : DSA-1494
		FEDORA : FEDORA-2008-1422
		FEDORA : FEDORA-2008-1423
		FRSIRT : ADV-2008-0487
		MANDRIVA : MDVSA-2008:043
		MANDRIVA : MDVSA-2008:044
		MILW0RM : 5092
		MLIST : [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
		MLIST : [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
		MLIST : [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
		MLIST : [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
		MLIST : [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit
		REDHAT : RHSA-2008:0129
		SECUNIA : 28835
		SECUNIA : 28858
		SECUNIA : 28875
		SECUNIA : 28896
		SUSE : SUSE-SA:2008:007
		UBUNTU : USN-577-1