cvelistv5 - cve-2008-0008

CVE-2008-0008 (GCVE-0-2008-0008)

Vulnerability from cvelistv5 – Published: 2008-01-28 23:00 – Updated: 2024-08-07 07:32

Summary

The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securityfocus.com/bid/27449	vdb-entryx_refsource_BID
	http://secunia.com/advisories/28623	third-party-advisoryx_refsource_SECUNIA
	https://tango.0pointer.de/pipermail/pulseaudio-di…	mailing-listx_refsource_MLIST
	http://pulseaudio.org/changeset/2100	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0283	vdb-entryx_refsource_VUPEN
	http://bugs.gentoo.org/show_bug.cgi?id=207214	x_refsource_CONFIRM
	http://www.debian.org/security/2008/dsa-1476	vendor-advisoryx_refsource_DEBIAN
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	https://bugzilla.redhat.com/show_bug.cgi?id=425481	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-200802-07.xml	vendor-advisoryx_refsource_GENTOO
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/28738	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.ubuntu.com/usn/usn-573-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/28952	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28608	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.novell.com/show_bug.cgi?id=347822	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:32:23.571Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2008:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
          },
          {
            "name": "27449",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27449"
          },
          {
            "name": "28623",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28623"
          },
          {
            "name": "[pulseaudio-discuss] 20080124 [ANNOUNCE] PulseAudio 0.9.9",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://pulseaudio.org/changeset/2100"
          },
          {
            "name": "ADV-2008-0283",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0283"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
          },
          {
            "name": "DSA-1476",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1476"
          },
          {
            "name": "FEDORA-2008-0963",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
          },
          {
            "name": "GLSA-200802-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
          },
          {
            "name": "FEDORA-2008-0994",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
          },
          {
            "name": "28738",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28738"
          },
          {
            "name": "pulseaudio-padroproot-privilege-escalation(39992)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
          },
          {
            "name": "USN-573-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-573-1"
          },
          {
            "name": "28952",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28952"
          },
          {
            "name": "28608",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28608"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "MDVSA-2008:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
        },
        {
          "name": "27449",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27449"
        },
        {
          "name": "28623",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28623"
        },
        {
          "name": "[pulseaudio-discuss] 20080124 [ANNOUNCE] PulseAudio 0.9.9",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://pulseaudio.org/changeset/2100"
        },
        {
          "name": "ADV-2008-0283",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0283"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
        },
        {
          "name": "DSA-1476",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1476"
        },
        {
          "name": "FEDORA-2008-0963",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
        },
        {
          "name": "GLSA-200802-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
        },
        {
          "name": "FEDORA-2008-0994",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
        },
        {
          "name": "28738",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28738"
        },
        {
          "name": "pulseaudio-padroproot-privilege-escalation(39992)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
        },
        {
          "name": "USN-573-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-573-1"
        },
        {
          "name": "28952",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28952"
        },
        {
          "name": "28608",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28608"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-0008",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2008:027",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
            },
            {
              "name": "27449",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27449"
            },
            {
              "name": "28623",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28623"
            },
            {
              "name": "[pulseaudio-discuss] 20080124 [ANNOUNCE] PulseAudio 0.9.9",
              "refsource": "MLIST",
              "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
            },
            {
              "name": "http://pulseaudio.org/changeset/2100",
              "refsource": "CONFIRM",
              "url": "http://pulseaudio.org/changeset/2100"
            },
            {
              "name": "ADV-2008-0283",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0283"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=207214",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
            },
            {
              "name": "DSA-1476",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1476"
            },
            {
              "name": "FEDORA-2008-0963",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=425481",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
            },
            {
              "name": "GLSA-200802-07",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
            },
            {
              "name": "FEDORA-2008-0994",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
            },
            {
              "name": "28738",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28738"
            },
            {
              "name": "pulseaudio-padroproot-privilege-escalation(39992)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
            },
            {
              "name": "USN-573-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-573-1"
            },
            {
              "name": "28952",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28952"
            },
            {
              "name": "28608",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28608"
            },
            {
              "name": "https://bugzilla.novell.com/show_bug.cgi?id=347822",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-0008",
    "datePublished": "2008-01-28T23:00:00",
    "dateReserved": "2007-12-03T00:00:00",
    "dateUpdated": "2024-08-07T07:32:23.571Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19D64247-F0A0-4984-84EA-B63FC901F002\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"316AA6EB-7191-479E-99D5-40DA79E340E7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB7AD2F3-451D-4F37-A6F3-DE676804BBA3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*\", \"matchCriteriaId\": \"5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE2027FA-357A-4BE3-9043-6DE8307C040A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8E8256F-3FB6-45B2-8F03-02A61C10FAF0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulseaudio:pulseaudio:0.9.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7E8B62F-B9DE-4209-9531-8FA6C4869295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pulseaudio:pulseaudio:0.9.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21A099DF-9D09-4698-96FC-00D188FD9E36\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n pa_drop_root en PulseAudio versi\\u00f3n 0.9.8, y una cierta build 0.9.9, no comprueba los valores de retorno de llamadas (1) setresuid, (2) setreuid, (3) setuid y (4) seteuid, cuando intenta perder privilegios, lo que podr\\u00eda permitir a usuarios locales alcanzar privilegios causando que esas llamadas fallen por ataques tales como el agotamiento de recursos.\"}]",
      "id": "CVE-2008-0008",
      "lastModified": "2024-11-21T00:40:57.823",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-01-29T00:00:00.000",
      "references": "[{\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=207214\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://pulseaudio.org/changeset/2100\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/28608\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28623\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28738\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28952\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200802-07.xml\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2008/dsa-1476\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:027\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/27449\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-573-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0283\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.novell.com/show_bug.cgi?id=347822\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=425481\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39992\", \"source\": \"secalert@redhat.com\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=207214\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://pulseaudio.org/changeset/2100\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/28608\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28623\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28738\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28952\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200802-07.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2008/dsa-1476\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:027\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/27449\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-573-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0283\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.novell.com/show_bug.cgi?id=347822\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=425481\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39992\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0008\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2008-01-29T00:00:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n pa_drop_root en PulseAudio versi\u00f3n 0.9.8, y una cierta build 0.9.9, no comprueba los valores de retorno de llamadas (1) setresuid, (2) setreuid, (3) setuid y (4) seteuid, cuando intenta perder privilegios, lo que podr\u00eda permitir a usuarios locales alcanzar privilegios causando que esas llamadas fallen por ataques tales como el agotamiento de recursos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19D64247-F0A0-4984-84EA-B63FC901F002\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"316AA6EB-7191-479E-99D5-40DA79E340E7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB7AD2F3-451D-4F37-A6F3-DE676804BBA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE2027FA-357A-4BE3-9043-6DE8307C040A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8E8256F-3FB6-45B2-8F03-02A61C10FAF0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulseaudio:pulseaudio:0.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7E8B62F-B9DE-4209-9531-8FA6C4869295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulseaudio:pulseaudio:0.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21A099DF-9D09-4698-96FC-00D188FD9E36\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=207214\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://pulseaudio.org/changeset/2100\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/28608\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28623\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28738\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28952\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200802-07.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2008/dsa-1476\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:027\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/27449\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-573-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0283\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.novell.com/show_bug.cgi?id=347822\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=425481\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39992\",\"source\":\"secalert@redhat.com\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=207214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://pulseaudio.org/changeset/2100\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/28608\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28623\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28738\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28952\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200802-07.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2008/dsa-1476\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:027\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/27449\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-573-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.novell.com/show_bug.cgi?id=347822\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=425481\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

GHSA-8542-RFHF-WF9J

Vulnerability from github – Published: 2022-05-01 23:27 – Updated: 2022-05-01 23:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0008"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-01-29T00:00:00Z",
    "severity": "HIGH"
  },
  "details": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.",
  "id": "GHSA-8542-rfhf-wf9j",
  "modified": "2022-05-01T23:27:15Z",
  "published": "2022-05-01T23:27:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0008"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
    },
    {
      "type": "WEB",
      "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
    },
    {
      "type": "WEB",
      "url": "http://pulseaudio.org/changeset/2100"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28608"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28623"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28738"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28952"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1476"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27449"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-573-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0283"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2008-0008

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-0008

Aliases

CVE-2008-0008

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0008",
    "description": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.",
    "id": "GSD-2008-0008",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-0008.html",
      "https://www.debian.org/security/2008/dsa-1476"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0008"
      ],
      "details": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.",
      "id": "GSD-2008-0008",
      "modified": "2023-12-13T01:22:58.707098Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-0008",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "MDVSA-2008:027",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
          },
          {
            "name": "27449",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27449"
          },
          {
            "name": "28623",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28623"
          },
          {
            "name": "[pulseaudio-discuss] 20080124 [ANNOUNCE] PulseAudio 0.9.9",
            "refsource": "MLIST",
            "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
          },
          {
            "name": "http://pulseaudio.org/changeset/2100",
            "refsource": "CONFIRM",
            "url": "http://pulseaudio.org/changeset/2100"
          },
          {
            "name": "ADV-2008-0283",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0283"
          },
          {
            "name": "http://bugs.gentoo.org/show_bug.cgi?id=207214",
            "refsource": "CONFIRM",
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
          },
          {
            "name": "DSA-1476",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1476"
          },
          {
            "name": "FEDORA-2008-0963",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=425481",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
          },
          {
            "name": "GLSA-200802-07",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
          },
          {
            "name": "FEDORA-2008-0994",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
          },
          {
            "name": "28738",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28738"
          },
          {
            "name": "pulseaudio-padroproot-privilege-escalation(39992)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
          },
          {
            "name": "USN-573-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-573-1"
          },
          {
            "name": "28952",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28952"
          },
          {
            "name": "28608",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28608"
          },
          {
            "name": "https://bugzilla.novell.com/show_bug.cgi?id=347822",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
                    "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CB7AD2F3-451D-4F37-A6F3-DE676804BBA3",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
                    "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EE2027FA-357A-4BE3-9043-6DE8307C040A",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C8E8256F-3FB6-45B2-8F03-02A61C10FAF0",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:pulseaudio:pulseaudio:0.9.6:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F7E8B62F-B9DE-4209-9531-8FA6C4869295",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:pulseaudio:pulseaudio:0.9.8:*:*:*:*:*:*:*",
                    "matchCriteriaId": "21A099DF-9D09-4698-96FC-00D188FD9E36",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion."
          },
          {
            "lang": "es",
            "value": "La funci\u00f3n pa_drop_root en PulseAudio versi\u00f3n 0.9.8, y una cierta build 0.9.9, no comprueba los valores de retorno de llamadas (1) setresuid, (2) setreuid, (3) setuid y (4) seteuid, cuando intenta perder privilegios, lo que podr\u00eda permitir a usuarios locales alcanzar privilegios causando que esas llamadas fallen por ataques tales como el agotamiento de recursos."
          }
        ],
        "id": "CVE-2008-0008",
        "lastModified": "2024-01-09T02:46:32.613",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 10.0,
              "obtainAllPrivilege": true,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "2008-01-29T00:00:00.000",
        "references": [
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Exploit"
            ],
            "url": "http://pulseaudio.org/changeset/2100"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/28608"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/28623"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/28738"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/28952"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1476"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/bid/27449"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.ubuntu.com/usn/usn-573-1"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0283"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Issue Tracking"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Issue Tracking"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "VDB Entry"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
          }
        ],
        "sourceIdentifier": "secalert@redhat.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-20"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

OPENSUSE-SU-2024:11200-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

libpulse-devel-15.0-3.1 on GA media

Notes

Title of the patch

libpulse-devel-15.0-3.1 on GA media

Description of the patch

These are all security issues fixed in the libpulse-devel-15.0-3.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-11200

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libpulse-devel-15.0-3.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libpulse-devel-15.0-3.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11200",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11200-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0008 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0008/"
      }
    ],
    "title": "libpulse-devel-15.0-3.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11200-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpulse-devel-15.0-3.1.aarch64",
                "product": {
                  "name": "libpulse-devel-15.0-3.1.aarch64",
                  "product_id": "libpulse-devel-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-devel-32bit-15.0-3.1.aarch64",
                "product": {
                  "name": "libpulse-devel-32bit-15.0-3.1.aarch64",
                  "product_id": "libpulse-devel-32bit-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-15.0-3.1.aarch64",
                "product": {
                  "name": "libpulse-mainloop-glib0-15.0-3.1.aarch64",
                  "product_id": "libpulse-mainloop-glib0-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64",
                "product": {
                  "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64",
                  "product_id": "libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-15.0-3.1.aarch64",
                "product": {
                  "name": "libpulse0-15.0-3.1.aarch64",
                  "product_id": "libpulse0-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-32bit-15.0-3.1.aarch64",
                "product": {
                  "name": "libpulse0-32bit-15.0-3.1.aarch64",
                  "product_id": "libpulse0-32bit-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-bash-completion-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-bash-completion-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-bash-completion-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-gdm-hooks-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-gdm-hooks-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-gdm-hooks-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-lang-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-lang-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-lang-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-bluetooth-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-module-bluetooth-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-module-bluetooth-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-gsettings-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-module-gsettings-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-module-gsettings-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-jack-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-module-jack-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-module-jack-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-lirc-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-module-lirc-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-module-lirc-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-x11-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-module-x11-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-module-x11-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-zeroconf-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-module-zeroconf-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-module-zeroconf-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-system-wide-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-system-wide-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-system-wide-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-utils-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-utils-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-32bit-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-utils-32bit-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-utils-32bit-15.0-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-zsh-completion-15.0-3.1.aarch64",
                "product": {
                  "name": "pulseaudio-zsh-completion-15.0-3.1.aarch64",
                  "product_id": "pulseaudio-zsh-completion-15.0-3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpulse-devel-15.0-3.1.ppc64le",
                "product": {
                  "name": "libpulse-devel-15.0-3.1.ppc64le",
                  "product_id": "libpulse-devel-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-devel-32bit-15.0-3.1.ppc64le",
                "product": {
                  "name": "libpulse-devel-32bit-15.0-3.1.ppc64le",
                  "product_id": "libpulse-devel-32bit-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-15.0-3.1.ppc64le",
                "product": {
                  "name": "libpulse-mainloop-glib0-15.0-3.1.ppc64le",
                  "product_id": "libpulse-mainloop-glib0-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le",
                "product": {
                  "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le",
                  "product_id": "libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-15.0-3.1.ppc64le",
                "product": {
                  "name": "libpulse0-15.0-3.1.ppc64le",
                  "product_id": "libpulse0-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-32bit-15.0-3.1.ppc64le",
                "product": {
                  "name": "libpulse0-32bit-15.0-3.1.ppc64le",
                  "product_id": "libpulse0-32bit-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-bash-completion-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-bash-completion-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-bash-completion-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-gdm-hooks-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-gdm-hooks-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-gdm-hooks-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-lang-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-lang-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-lang-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-bluetooth-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-module-bluetooth-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-module-bluetooth-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-gsettings-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-module-gsettings-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-module-gsettings-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-jack-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-module-jack-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-module-jack-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-lirc-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-module-lirc-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-module-lirc-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-x11-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-module-x11-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-module-x11-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-zeroconf-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-module-zeroconf-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-module-zeroconf-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-system-wide-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-system-wide-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-system-wide-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-utils-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-utils-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-32bit-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-utils-32bit-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-utils-32bit-15.0-3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-zsh-completion-15.0-3.1.ppc64le",
                "product": {
                  "name": "pulseaudio-zsh-completion-15.0-3.1.ppc64le",
                  "product_id": "pulseaudio-zsh-completion-15.0-3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpulse-devel-15.0-3.1.s390x",
                "product": {
                  "name": "libpulse-devel-15.0-3.1.s390x",
                  "product_id": "libpulse-devel-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-devel-32bit-15.0-3.1.s390x",
                "product": {
                  "name": "libpulse-devel-32bit-15.0-3.1.s390x",
                  "product_id": "libpulse-devel-32bit-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-15.0-3.1.s390x",
                "product": {
                  "name": "libpulse-mainloop-glib0-15.0-3.1.s390x",
                  "product_id": "libpulse-mainloop-glib0-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.s390x",
                "product": {
                  "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.s390x",
                  "product_id": "libpulse-mainloop-glib0-32bit-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-15.0-3.1.s390x",
                "product": {
                  "name": "libpulse0-15.0-3.1.s390x",
                  "product_id": "libpulse0-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-32bit-15.0-3.1.s390x",
                "product": {
                  "name": "libpulse0-32bit-15.0-3.1.s390x",
                  "product_id": "libpulse0-32bit-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-15.0-3.1.s390x",
                  "product_id": "pulseaudio-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-bash-completion-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-bash-completion-15.0-3.1.s390x",
                  "product_id": "pulseaudio-bash-completion-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-gdm-hooks-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-gdm-hooks-15.0-3.1.s390x",
                  "product_id": "pulseaudio-gdm-hooks-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-lang-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-lang-15.0-3.1.s390x",
                  "product_id": "pulseaudio-lang-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-bluetooth-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-module-bluetooth-15.0-3.1.s390x",
                  "product_id": "pulseaudio-module-bluetooth-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-gsettings-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-module-gsettings-15.0-3.1.s390x",
                  "product_id": "pulseaudio-module-gsettings-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-jack-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-module-jack-15.0-3.1.s390x",
                  "product_id": "pulseaudio-module-jack-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-lirc-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-module-lirc-15.0-3.1.s390x",
                  "product_id": "pulseaudio-module-lirc-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-x11-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-module-x11-15.0-3.1.s390x",
                  "product_id": "pulseaudio-module-x11-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-zeroconf-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-module-zeroconf-15.0-3.1.s390x",
                  "product_id": "pulseaudio-module-zeroconf-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-system-wide-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-system-wide-15.0-3.1.s390x",
                  "product_id": "pulseaudio-system-wide-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-utils-15.0-3.1.s390x",
                  "product_id": "pulseaudio-utils-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-32bit-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-utils-32bit-15.0-3.1.s390x",
                  "product_id": "pulseaudio-utils-32bit-15.0-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-zsh-completion-15.0-3.1.s390x",
                "product": {
                  "name": "pulseaudio-zsh-completion-15.0-3.1.s390x",
                  "product_id": "pulseaudio-zsh-completion-15.0-3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpulse-devel-15.0-3.1.x86_64",
                "product": {
                  "name": "libpulse-devel-15.0-3.1.x86_64",
                  "product_id": "libpulse-devel-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-devel-32bit-15.0-3.1.x86_64",
                "product": {
                  "name": "libpulse-devel-32bit-15.0-3.1.x86_64",
                  "product_id": "libpulse-devel-32bit-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-15.0-3.1.x86_64",
                "product": {
                  "name": "libpulse-mainloop-glib0-15.0-3.1.x86_64",
                  "product_id": "libpulse-mainloop-glib0-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64",
                "product": {
                  "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64",
                  "product_id": "libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-15.0-3.1.x86_64",
                "product": {
                  "name": "libpulse0-15.0-3.1.x86_64",
                  "product_id": "libpulse0-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpulse0-32bit-15.0-3.1.x86_64",
                "product": {
                  "name": "libpulse0-32bit-15.0-3.1.x86_64",
                  "product_id": "libpulse0-32bit-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-bash-completion-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-bash-completion-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-bash-completion-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-gdm-hooks-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-gdm-hooks-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-gdm-hooks-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-lang-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-lang-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-lang-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-bluetooth-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-module-bluetooth-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-module-bluetooth-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-gsettings-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-module-gsettings-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-module-gsettings-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-jack-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-module-jack-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-module-jack-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-lirc-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-module-lirc-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-module-lirc-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-x11-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-module-x11-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-module-x11-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-module-zeroconf-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-module-zeroconf-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-module-zeroconf-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-system-wide-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-system-wide-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-system-wide-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-utils-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-utils-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-utils-32bit-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-utils-32bit-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-utils-32bit-15.0-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pulseaudio-zsh-completion-15.0-3.1.x86_64",
                "product": {
                  "name": "pulseaudio-zsh-completion-15.0-3.1.x86_64",
                  "product_id": "pulseaudio-zsh-completion-15.0-3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.aarch64"
        },
        "product_reference": "libpulse-devel-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.ppc64le"
        },
        "product_reference": "libpulse-devel-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.s390x"
        },
        "product_reference": "libpulse-devel-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.x86_64"
        },
        "product_reference": "libpulse-devel-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-32bit-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.aarch64"
        },
        "product_reference": "libpulse-devel-32bit-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-32bit-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.ppc64le"
        },
        "product_reference": "libpulse-devel-32bit-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-32bit-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.s390x"
        },
        "product_reference": "libpulse-devel-32bit-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-devel-32bit-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.x86_64"
        },
        "product_reference": "libpulse-devel-32bit-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.aarch64"
        },
        "product_reference": "libpulse-mainloop-glib0-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.ppc64le"
        },
        "product_reference": "libpulse-mainloop-glib0-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.s390x"
        },
        "product_reference": "libpulse-mainloop-glib0-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.x86_64"
        },
        "product_reference": "libpulse-mainloop-glib0-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64"
        },
        "product_reference": "libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le"
        },
        "product_reference": "libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.s390x"
        },
        "product_reference": "libpulse-mainloop-glib0-32bit-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64"
        },
        "product_reference": "libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-15.0-3.1.aarch64"
        },
        "product_reference": "libpulse0-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-15.0-3.1.ppc64le"
        },
        "product_reference": "libpulse0-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-15.0-3.1.s390x"
        },
        "product_reference": "libpulse0-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-15.0-3.1.x86_64"
        },
        "product_reference": "libpulse0-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-32bit-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.aarch64"
        },
        "product_reference": "libpulse0-32bit-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-32bit-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.ppc64le"
        },
        "product_reference": "libpulse0-32bit-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-32bit-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.s390x"
        },
        "product_reference": "libpulse0-32bit-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpulse0-32bit-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.x86_64"
        },
        "product_reference": "libpulse0-32bit-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-bash-completion-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-bash-completion-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-bash-completion-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-bash-completion-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-bash-completion-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-bash-completion-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-bash-completion-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-bash-completion-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-gdm-hooks-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-gdm-hooks-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-gdm-hooks-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-gdm-hooks-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-gdm-hooks-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-gdm-hooks-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-gdm-hooks-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-gdm-hooks-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-lang-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-lang-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-lang-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-lang-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-lang-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-lang-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-lang-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-lang-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-bluetooth-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-module-bluetooth-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-bluetooth-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-module-bluetooth-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-bluetooth-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-module-bluetooth-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-bluetooth-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-module-bluetooth-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-gsettings-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-module-gsettings-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-gsettings-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-module-gsettings-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-gsettings-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-module-gsettings-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-gsettings-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-module-gsettings-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-jack-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-module-jack-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-jack-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-module-jack-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-jack-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-module-jack-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-jack-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-module-jack-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-lirc-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-module-lirc-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-lirc-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-module-lirc-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-lirc-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-module-lirc-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-lirc-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-module-lirc-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-x11-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-module-x11-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-x11-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-module-x11-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-x11-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-module-x11-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-x11-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-module-x11-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-zeroconf-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-module-zeroconf-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-zeroconf-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-module-zeroconf-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-zeroconf-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-module-zeroconf-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-module-zeroconf-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-module-zeroconf-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-system-wide-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-system-wide-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-system-wide-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-system-wide-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-system-wide-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-system-wide-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-system-wide-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-system-wide-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-utils-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-utils-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-utils-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-utils-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-32bit-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-utils-32bit-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-32bit-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-utils-32bit-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-32bit-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-utils-32bit-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-utils-32bit-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-utils-32bit-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-zsh-completion-15.0-3.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.aarch64"
        },
        "product_reference": "pulseaudio-zsh-completion-15.0-3.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-zsh-completion-15.0-3.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.ppc64le"
        },
        "product_reference": "pulseaudio-zsh-completion-15.0-3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-zsh-completion-15.0-3.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.s390x"
        },
        "product_reference": "pulseaudio-zsh-completion-15.0-3.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pulseaudio-zsh-completion-15.0-3.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.x86_64"
        },
        "product_reference": "pulseaudio-zsh-completion-15.0-3.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-0008",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0008"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.s390x",
          "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.s390x",
          "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.s390x",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.s390x",
          "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:libpulse0-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:libpulse0-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:libpulse0-15.0-3.1.s390x",
          "openSUSE Tumbleweed:libpulse0-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.s390x",
          "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.x86_64",
          "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.aarch64",
          "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.ppc64le",
          "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.s390x",
          "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0008",
          "url": "https://www.suse.com/security/cve/CVE-2008-0008"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 347822 for CVE-2008-0008",
          "url": "https://bugzilla.suse.com/347822"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.s390x",
            "openSUSE Tumbleweed:libpulse-devel-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.s390x",
            "openSUSE Tumbleweed:libpulse-devel-32bit-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.s390x",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.s390x",
            "openSUSE Tumbleweed:libpulse-mainloop-glib0-32bit-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:libpulse0-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:libpulse0-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:libpulse0-15.0-3.1.s390x",
            "openSUSE Tumbleweed:libpulse0-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.s390x",
            "openSUSE Tumbleweed:libpulse0-32bit-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-bash-completion-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-gdm-hooks-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-lang-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-module-bluetooth-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-module-gsettings-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-module-jack-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-module-lirc-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-module-x11-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-module-zeroconf-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-system-wide-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-utils-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-utils-32bit-15.0-3.1.x86_64",
            "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.aarch64",
            "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.ppc64le",
            "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.s390x",
            "openSUSE Tumbleweed:pulseaudio-zsh-completion-15.0-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2008-0008"
    }
  ]
}

FKIE_CVE-2008-0008

Vulnerability from fkie_nvd - Published: 2008-01-29 00:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://bugs.gentoo.org/show_bug.cgi?id=207214	Third Party Advisory
secalert@redhat.com	http://pulseaudio.org/changeset/2100	Exploit
secalert@redhat.com	http://secunia.com/advisories/28608	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28623	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28738	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28952	Vendor Advisory
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200802-07.xml	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1476	Third Party Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:027	Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/27449	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/usn-573-1	Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0283	Vendor Advisory
secalert@redhat.com	https://bugzilla.novell.com/show_bug.cgi?id=347822	Issue Tracking
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=425481	Issue Tracking
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/39992	VDB Entry
secalert@redhat.com	https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html	Broken Link
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html	Third Party Advisory
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=207214	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://pulseaudio.org/changeset/2100	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28608	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28623	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28738	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28952	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200802-07.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1476	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:027	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27449	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-573-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0283	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.novell.com/show_bug.cgi?id=347822	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=425481	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39992	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html	Third Party Advisory

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux	2008.0
redhat	fedora	7
redhat	fedora	8
pulseaudio	pulseaudio	0.9.6
pulseaudio	pulseaudio	0.9.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7AD2F3-451D-4F37-A6F3-DE676804BBA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE2027FA-357A-4BE3-9043-6DE8307C040A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E8256F-3FB6-45B2-8F03-02A61C10FAF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pulseaudio:pulseaudio:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7E8B62F-B9DE-4209-9531-8FA6C4869295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pulseaudio:pulseaudio:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "21A099DF-9D09-4698-96FC-00D188FD9E36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n pa_drop_root en PulseAudio versi\u00f3n 0.9.8, y una cierta build 0.9.9, no comprueba los valores de retorno de llamadas (1) setresuid, (2) setreuid, (3) setuid y (4) seteuid, cuando intenta perder privilegios, lo que podr\u00eda permitir a usuarios locales alcanzar privilegios causando que esas llamadas fallen por ataques tales como el agotamiento de recursos."
    }
  ],
  "id": "CVE-2008-0008",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-01-29T00:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://pulseaudio.org/changeset/2100"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28608"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28623"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28738"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28952"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1476"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/27449"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-573-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0283"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://pulseaudio.org/changeset/2100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28608"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28623"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28738"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28952"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/27449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-573-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0008 (GCVE-0-2008-0008)

GHSA-8542-RFHF-WF9J

GSD-2008-0008

OPENSUSE-SU-2024:11200-1

FKIE_CVE-2008-0008

Tags

Sightings

Nomenclature