Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6733

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2007-6733
Last Modified 19 Mar 2012 12:00:00
Published 16 Mar 2010 03:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6733

Summary

The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this file's permissions, a related issue to CVE-2010-0727.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.9


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=570863

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=218777

REDHAT - RHBA-2007-0304


Last Updated: 27 May 2016 10:57:29