{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>Linux versions 2.6.24.1 et ant\u00e9rieures.</p>","content":"## Description\n\nUne erreur dans la gestion des tubes ou \u00ab pipes \u00bb est pr\u00e9sente dans le\nnoyau Linux des syst\u00e8mes d'exploitations GNU/Linux. Celle-ci permet \u00e0 un\nutilisateur malintentionn\u00e9, local au syst\u00e8me, d'aqu\u00e9rir les privil\u00e8ges\ndu super-utilisateur root.\n\n## Solution\n\nLa version 2.6.24.2 du noyau Linux corrige le probl\u00e8me :\n\n    http://www.kernel.org\n\nPour les diff\u00e9rentes distributions GNU/Linux, se r\u00e9f\u00e9rer au bulletin de\ns\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section\nDocumentation).\n","cves":[{"name":"CVE-2008-0600","url":"https://www.cve.org/CVERecord?id=CVE-2008-0600"},{"name":"CVE-2008-0010","url":"https://www.cve.org/CVERecord?id=CVE-2008-0010"},{"name":"CVE-2008-0009","url":"https://www.cve.org/CVERecord?id=CVE-2008-0009"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0129 du 12 f\u00e9vrier    2008 :","url":"https://rhn.redhat.com/errata/RHSA-2008-0129.html"},{"title":"Site du noyau Linux :","url":"http://www.kernel.org"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2008:043 du 11 f\u00e9vrier    2008 :","url":"http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:043"},{"title":"Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2008:007 du 12 f\u00e9vrier    2008 :","url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html"},{"title":"Liste des changements apport\u00e9s \u00e0 la version 2.6.24.2 du    noyau Linux :","url":"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.2"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-1494 du 11 f\u00e9vrier 2008 :","url":"http://www.debian.org/security/2008/DSA-1494"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-577 du 12 f\u00e9vrier 2008 :","url":"https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-February/000664.html"}],"reference":"CERTA-2008-AVI-067","revisions":[{"description":"version initiale ;","revision_date":"2008-02-11T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences CVE et des bulletins de s\u00e9curit\u00e9 Debian, Mandriva et SuSE ;","revision_date":"2008-02-12T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins RedHat et Ubuntu.","revision_date":"2008-02-13T00:00:00.000000"}],"risks":[{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans le noyau Linux permet \u00e0 un utilisateur local\nd'\u00e9lever ses privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 du noyau Linux","vendor_advisories":[{"published_at":null,"title":"Liste des changements apport\u00e9s \u00e0 la version 2.6.24.2 du noyau Linux","url":null}]}