Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.2
CVE Id CVE-2007-5966
Last Modified 07 Mar 2011 10:01:34
Published 19 Dec 2007 07:46:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-5966

Summary

Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.23

  • Linux Kernel 2.6.23.1

  • Linux Kernel 2.6.23.2

  • Linux Kernel 2.6.23.3

  • Linux Kernel 2.6.23.4

  • Linux Kernel 2.6.23.5

  • Linux Kernel 2.6.23.6

  • Linux Kernel 2.6.23.7

  • Linux Kernel 2.6.23.9


References

BID - 26880

VUPEN - ADV-2009-3316

VUPEN - ADV-2007-4225

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

REDHAT - RHSA-2009:1193

REDHAT - RHSA-2008:0585

MANDRIVA - MDVSA-2008:112

SECUNIA - 37471

SECUNIA - 36131

SECUNIA - 31628

SECUNIA - 28105

CONFIRM - http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10

CONFIRM - https://issues.rpath.com/browse/RPL-2038

UBUNTU - USN-574-1

BUGTRAQ - 20071218 rPSA-2007-0269-1 kernel

DEBIAN - DSA-1436

SECUNIA - 28806

SECUNIA - 28706

SECUNIA - 28141

SECUNIA - 28088

SUSE - SUSE-SA:2008:006


Last Updated: 27 May 2016 10:46:20