Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4133

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2007-4133
Last Modified 21 Aug 2010 01:09:32
Published 04 Oct 2007 07:17:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4133

Summary

The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.19


References

BID - 25904

XF - kernel-hugetlbfs-dos(36925)

REDHAT - RHSA-2007:0940

MANDRIVA - MDKSA-2007:216

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4

DEBIAN - DSA-1381

CONFIRM - http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6

SECUNIA - 27322

SECUNIA - 26994

UBUNTU - USN-578-1

UBUNTU - USN-558-1

MANDRIVA - MDVSA-2008:105

MANDRIVA - MDVSA-2008:008

DEBIAN - DSA-1504

SECUNIA - 29058

SECUNIA - 28971

SECUNIA - 28170


Last Updated: 27 May 2016 10:45:46