CVE-2008-4554

CVE-2008-4554 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.