CVE-2008-0008: Input Validation
The padroproot function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.
Other sources
The SUSE bug [1] states that we don't check a return value of setuid() to see if we were able to drop privilegies. User can cause the call to fail by exhausting the resources in some cases, please add the check. Thanks!
[1] https://bugzilla.novell.com/showbug.cgi?id=347822
— Red Hat
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2008-0008?
CVE-2008-0008 is considered to have a critical impact as it may allow local users to gain elevated privileges.
How do I fix CVE-2008-0008?
To fix CVE-2008-0008, upgrade to PulseAudio version 0.9.9 or later, which addresses the privilege dropping issue.
Which versions of PulseAudio are affected by CVE-2008-0008?
PulseAudio versions 0.9.8 and 0.9.6 are affected by CVE-2008-0008.
Can CVE-2008-0008 affect all Linux distributions?
CVE-2008-0008 primarily affects distributions that utilize the vulnerable versions of PulseAudio, such as certain versions of Red Hat and Mandrake Linux.
Is CVE-2008-0008 a remote vulnerability?
CVE-2008-0008 is not remote; it requires local access to exploit the privilege escalation vulnerability.