View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2008-5396 low priority: Ubuntu including 11 source packages (linux, linux-ec2, …), 102 status rows across 11 suites (dapper, gutsy, hardy, intrepid, jaunty, karmic, lucid, maverick, natty, oneiric, upstream): DNE 61, not-affected 24, needs-triage 10, ignored 6, released 1.
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl.