Follow @discotekdotca
CVE-2006-7051
Current Description
The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.
Basic Data
| Published | February 24, 2007 |
|---|---|
| Last Modified | October 30, 2018 |
| Assigner | cve@mitre.org |
| Data Type | CVE |
| Data Format | MITRE |
| Data Version | 4.0 |
| Problem Type | NVD-CWE-Other |
| CVE Data Version | 4.0 |
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|---|
| CVSS 2 - Vector String | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| CVSS 2 - Access Vector | LOCAL |
| CVSS 2 - Access Complexity | LOW |
| CVSS 2 - Authentication | NONE |
| CVSS 2 - Confidentiality Impact | NONE |
| CVSS 2 - Availability Impact | COMPLETE |
| CVSS 2 - Base Score | 4.9 |
| Severity | MEDIUM |
| Exploitability Score | 3.9 |
| Impact Score | 6.9 |
| Obtain All Privilege | false |
| Obtain User Privilege | false |
| Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Linux Linux Kernel 2.6.18.0 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.1 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.2 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.3 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.4 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.5 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.6 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.18.7 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.19 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.19.1 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.19.2 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.19.3 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.19.4 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.20 * * * * * * * � � � � 2.3 OS Linux Linux Kernel 2.6.20.1 * * * * * * * � � � �
Vulnerable Software List
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.18.0, 2.6.18.1, 2.6.18.2, 2.6.18.3, 2.6.18.4, 2.6.18.5, 2.6.18.6, 2.6.18.7, 2.6.19, 2.6.19.1, 2.6.19.2, 2.6.19.3, 2.6.19.4, 2.6.20, 2.6.20.1 |
References
| Name | Source | URL | Tags |
|---|---|---|---|
| 2287 | http://securityreason.com/securityalert/2287 | SREASON | |
| 20060404 Linux Kernel Local DoS vulnerability. | http://www.securityfocus.com/archive/1/430278/30/5790/threaded | BUGTRAQ | |
| linux-systimercreate-dos(25712) | https://exchange.xforce.ibmcloud.com/vulnerabilities/25712 | XF | |
| 1657 | https://www.exploit-db.com/exploits/1657 | EXPLOIT-DB |