What is CVE-2008-1675?

CVE-2008-1675 is a High severity Linux kernel vulnerability with a CVSS score of 7.2 out of 10. CVE-2008-1675 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2008-1675?

CVE-2008-1675 has a CVSS score of 7.2 out of 10, rated High severity. The vector string is AV:L/AC:L/Au:N/C:C/I:C/A:C.

Is there a patch available for CVE-2008-1675?

No patch is currently available for CVE-2008-1675. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2008-1675 actively exploited?

CVE-2008-1675 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2008-1675

High

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

Package Linux Kernel

Published 2008-05-02

Last modified 2026-04-23

CVSS version 2.0

Patch available

Awaiting data

CVSS 2.0 score

7.2

out of 10

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

User Interaction

Scope

Confidentiality

Low

Integrity

Availability

Vector string

AV:L/AC:L/Au:N/C:C/I:C/A:C

Weakness type

CWE-399

CVE-2008-1675 is classified as CWE-399

See CWE-399 on MITRE CWE for full details on this weakness type.

References

The following references provide additional information about CVE-2008-1675 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Marc
http://marc.info/?l=linux-kernel&m=120949204519706&w=2

Exploit
Marc
http://marc.info/?l=linux-kernel&m=120949204619718&w=2

Exploit
Marc
http://marc.info/?l=linux-kernel&m=120949582428998&w=2

Exploit
Secunia
http://secunia.com/advisories/30017

Vendor Advisory
Secunia
http://secunia.com/advisories/30044

Vendor Advisory
Secunia
http://secunia.com/advisories/30260

Vendor Advisory
Secunia
http://secunia.com/advisories/30515

Vendor Advisory
Wiki
http://wiki.rpath.com/Advisories:rPSA-2008-0157
Wiki
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157
Kernel.org
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
Mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:109
Mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:167
Securityfocus
http://www.securityfocus.com/archive/1/491566/100/0/threaded
Securityfocus
http://www.securityfocus.com/archive/1/491732/100/0/threaded
Securityfocus
http://www.securityfocus.com/bid/29014
Securitytracker
http://www.securitytracker.com/id?1019960
Vupen
http://www.vupen.com/english/advisories/2008/1406/references

Vendor Advisory
Exchange
https://exchange.xforce.ibmcloud.com/vulnerabilities/42132
Issues
https://issues.rpath.com/browse/RPL-2501
Ubuntu Security
https://usn.ubuntu.com/614-1/
Red Hat
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00232.html

Details

CVE ID CVE-2008-1675

Severity High

CVSS score 7.2 / 10

CVSS version 2.0

Published 2008-05-02

Modified 2026-04-23

KEV No

Patch Awaiting data

Package linux

Frequently asked questions

What is CVE-2008-1675?

CVE-2008-1675 is a High severity Linux kernel vulnerability with a CVSS score of 7.2 out of 10 . CVE-2008-1675 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2008-1675?

CVE-2008-1675 has a CVSS score of 7.2 out of 10, rated High severity (CVSS 2.0). The vector string is AV:L/AC:L/Au:N/C:C/I:C/A:C.
Is there a patch available for CVE-2008-1675?

No patch is currently available for CVE-2008-1675. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
Is CVE-2008-1675 actively exploited?

No — CVE-2008-1675 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.