Follow @discotekdotca
CVE-2007-0006
Current Description
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."
Evaluator Description
The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision.
Basic Data
| Published | February 06, 2007 |
|---|---|
| Last Modified | October 11, 2017 |
| Assigner | cve@mitre.org |
| Data Type | CVE |
| Data Format | MITRE |
| Data Version | 4.0 |
| Problem Type | NVD-CWE-Other |
| CVE Data Version | 4.0 |
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|---|
| CVSS 2 - Vector String | AV:L/AC:M/Au:N/C:N/I:N/A:P |
| CVSS 2 - Access Vector | LOCAL |
| CVSS 2 - Access Complexity | MEDIUM |
| CVSS 2 - Authentication | NONE |
| CVSS 2 - Confidentiality Impact | NONE |
| CVSS 2 - Availability Impact | PARTIAL |
| CVSS 2 - Base Score | 1.9 |
| Severity | LOW |
| Exploitability Score | 3.4 |
| Impact Score | 2.9 |
| Obtain All Privilege | false |
| Obtain User Privilege | false |
| Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Linux Linux Kernel 2.6.9 2.6.20 * * * * * * � � � � 2.3 OS Linux Linux Kernel * * * * * * * * � 2.6.20 � �
Vulnerable Software List
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | *, 2.6.9 |
References
| Name | Source | URL | Tags |
|---|---|---|---|
| http://bugzilla.kernel.org/show_bug.cgi?id=7727 | http://bugzilla.kernel.org/show_bug.cgi?id=7727 | CONFIRM | |
| 24109 | http://secunia.com/advisories/24109 | SECUNIA | Vendor Advisory |
| 24259 | http://secunia.com/advisories/24259 | SECUNIA | Vendor Advisory |
| 24300 | http://secunia.com/advisories/24300 | SECUNIA | Vendor Advisory |
| 24429 | http://secunia.com/advisories/24429 | SECUNIA | Vendor Advisory |
| 24482 | http://secunia.com/advisories/24482 | SECUNIA | Vendor Advisory |
| 24547 | http://secunia.com/advisories/24547 | SECUNIA | Vendor Advisory |
| 24752 | http://secunia.com/advisories/24752 | SECUNIA | Vendor Advisory |
| 25691 | http://secunia.com/advisories/25691 | SECUNIA | Vendor Advisory |
| MDKSA-2007:047 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:047 | MANDRIVA | |
| MDKSA-2007:060 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:060 | MANDRIVA | |
| SUSE-SA:2007:021 | http://www.novell.com/linux/security/advisories/2007_21_kernel.html | SUSE | |
| RHSA-2007:0085 | http://www.redhat.com/support/errata/RHSA-2007-0085.html | REDHAT | |
| RHSA-2007:0099 | http://www.redhat.com/support/errata/RHSA-2007-0099.html | REDHAT | |
| 20070615 rPSA-2007-0124-1 kernel xen | http://www.securityfocus.com/archive/1/471457 | BUGTRAQ | |
| 22539 | http://www.securityfocus.com/bid/22539 | BID | |
| USN-451-1 | http://www.ubuntu.com/usn/usn-451-1 | UBUNTU | |
| https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495 | CONFIRM | |
| https://issues.rpath.com/browse/RPL-1097 | https://issues.rpath.com/browse/RPL-1097 | CONFIRM | |
| oval:org.mitre.oval:def:9829 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9829 | OVAL |