CVE-2007-0771

The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/35927
http://secunia.com/advisories/25080	Vendor Advisory
http://securitytracker.com/id?1017979
http://www.redhat.com/support/errata/RHSA-2007-0169.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/23720
https://bugzilla.redhat.com/show_bug.cgi?id=227952
https://bugzilla.redhat.com/show_bug.cgi?id=228816
https://exchange.xforce.ibmcloud.com/vulnerabilities/34128
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447
http://osvdb.org/35927
http://secunia.com/advisories/25080	Vendor Advisory
http://securitytracker.com/id?1017979
http://www.redhat.com/support/errata/RHSA-2007-0169.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/23720
https://bugzilla.redhat.com/show_bug.cgi?id=227952
https://bugzilla.redhat.com/show_bug.cgi?id=228816
https://exchange.xforce.ibmcloud.com/vulnerabilities/34128
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel:2.6.18:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc5::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc6::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18:rc7::::::
	cpe:2.3:o:linux:linux_kernel:2.6.18.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.18.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.18.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.18.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux:5.0::desktop:::::
	cpe:2.3:o:redhat:enterprise_linux:5.0::desktop_workstation:::::
	cpe:2.3:o:redhat:enterprise_linux:5.0::server:::::

History

21 Nov 2024, 00:26

Type	Values Removed	Values Added
References	~~() http://osvdb.org/35927 -~~	() http://osvdb.org/35927 -
References	~~() http://secunia.com/advisories/25080 - Vendor Advisory~~	() http://secunia.com/advisories/25080 - Vendor Advisory
References	~~() http://securitytracker.com/id?1017979 -~~	() http://securitytracker.com/id?1017979 -
References	~~() http://www.redhat.com/support/errata/RHSA-2007-0169.html - Patch, Vendor Advisory~~	() http://www.redhat.com/support/errata/RHSA-2007-0169.html - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/23720 -~~	() http://www.securityfocus.com/bid/23720 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=227952 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=227952 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=228816 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=228816 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/34128 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/34128 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447 -

Information

Published : 2007-05-02 22:19

Updated : 2024-11-21 00:26

NVD link : CVE-2007-0771

Mitre link : CVE-2007-0771

CVE.ORG link : CVE-2007-0771

JSON object : View

Products Affected

redhat

enterprise_linux

linux

linux_kernel

CWE

NVD-CWE-noinfo

4.9 /10