Vulnerability Name: | CVE-2007-6712 (CCN-41827) | ||||||||||||||||||||||||||||||||||||
Assigned: | 2007-03-16 | ||||||||||||||||||||||||||||||||||||
Published: | 2007-03-16 | ||||||||||||||||||||||||||||||||||||
Updated: | 2017-09-29 | ||||||||||||||||||||||||||||||||||||
Summary: | Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired. | ||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C) 3.7 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-189 CWE-835 | ||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2007-6712 Source: CCN Type: Linux Kernel GIT Repository [PATCH] hrtimer: prevent overrun DoS in hrtimer_forward() Source: CONFIRM Type: UNKNOWN http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git;a=commitdiff;h=13788ccc41ceea5893f9c747c59bc0b28f2416c2 Source: SUSE Type: UNKNOWN SUSE-SA:2008:030 Source: CCN Type: RHSA-2008-0275 Important: kernel security and bug fix update Source: CCN Type: RHSA-2008-0585 Important: kernel security and bug fix update Source: SECUNIA Type: UNKNOWN 30294 Source: SECUNIA Type: UNKNOWN 30368 Source: SECUNIA Type: UNKNOWN 30818 Source: SECUNIA Type: UNKNOWN 31107 Source: SECUNIA Type: UNKNOWN 31628 Source: DEBIAN Type: UNKNOWN DSA-1588 Source: DEBIAN Type: DSA-1588 linux-2.6 -- denial of service Source: CCN Type: The Linux Kernel Archives Web site The Linux Kernel Archives Source: REDHAT Type: UNKNOWN RHSA-2008:0275 Source: REDHAT Type: UNKNOWN RHSA-2008:0585 Source: BID Type: UNKNOWN 29294 Source: CCN Type: BID-29294 Linux Kernel 'hrtimer_forward()' Local Denial of Service Vulnerability Source: CCN Type: USN-625-1 Linux kernel vulnerabilities Source: UBUNTU Type: UNKNOWN USN-625-1 Source: XF Type: UNKNOWN linux-kernel-hrtimerforward-dos(41827) Source: XF Type: UNKNOWN linux-kernel-hrtimerforward-dos(41827) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9210 Source: SUSE Type: SUSE-SA:2008:030 Linux kernel security update | ||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
BACK |