Linux Kernel CVE Statistics

8 Linux Kernel CVEs in October 2008

Full month · Source: NIST NVD

September 2008 November 2008

In October 2008, 8 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 2 were rated High severity and 6 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. October's 8 CVEs represent 10% of all 2008 Linux kernel CVEs , down from September's 11 (a 27% month-over-month decrease) .

8
Total CVEs
0
Critical
2
High
6
Medium
0
Low
0
KEV Exploited
All CVEs — October 2008 8 CVEs
All (8) Critical (0) High (2) Medium (6) Low (0)
CVE ID Package Severity CVSS Published Description
CVE-2008-4618 linux High 7.8 2008-10-21 The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly hand…
CVE-2008-4576 linux High 7.8 2008-10-15 sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that …
CVE-2008-4410 linux Medium 4.9 2008-10-03 The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel…
CVE-2008-3832 linux Medium 4.9 2008-10-03 A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5…
CVE-2008-3833 linux Medium 4.9 2008-10-03 The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid …
CVE-2008-3831 linux Medium 4.7 2008-10-20 The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/d…
CVE-2008-4445 linux Medium 4.7 2008-10-06 The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementatio…
CVE-2008-4554 linux Medium 4.6 2008-10-15 The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have…

Frequently Asked Questions

How many Linux kernel CVEs were published in October 2008?

8 Linux kernel CVEs were published in October 2008, sourced from the NIST National Vulnerability Database. Of these, 0 were rated Critical severity, 2 High, and 6 Medium.

How does October 2008 compare to other months?

October 2008's 8 CVEs represent 10% of all 2008 Linux kernel CVEs. Compared to September's 11 CVEs, this was a 27% decrease month-over-month. View the full 2008 breakdown →

September 2008 2008 statistics November 2008