Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-256
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans la branche 2.6 du noyau Linux permettent à un utilisateur malintentionné de provoquer un déni de service à distance ou de porter atteinte à la confidentialité des données.
Description
- Une vulnérabilité dans NETFILTER permet à une personne malveillante de provoquer un déni de service du système au moyen d'un paquet SCTP (Stream Control Transmission Protocol spécialement contruit (CVE-2007-2876) ;
- la seconde vulnérabilité dans la fonction cpuset_tasks_read permet à un individu malintentionné d'avoir accès en lecture à la certaine zone mémoire du noyau Linux (CVE-2007-2875) ;
- une faiblesse dans le noyau Linux lors du traitement des graines utilisées pour la création de nombres aléatoires. Cela peut fragiliser toute application s'appuyant sur ce générateur de nombre aléatoire (CVE-2007-2453).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Noyau Linux 2.6.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eNoyau Linux 2.6.\u003c/P\u003e",
"content": "## Description\n\n- Une vuln\u00e9rabilit\u00e9 dans NETFILTER permet \u00e0 une personne malveillante\n de provoquer un d\u00e9ni de service du syst\u00e8me au moyen d\u0027un paquet SCTP\n (Stream Control Transmission Protocol sp\u00e9cialement contruit\n (CVE-2007-2876) ;\n- la seconde vuln\u00e9rabilit\u00e9 dans la fonction cpuset_tasks_read permet \u00e0\n un individu malintentionn\u00e9 d\u0027avoir acc\u00e8s en lecture \u00e0 la certaine\n zone m\u00e9moire du noyau Linux (CVE-2007-2875) ;\n- une faiblesse dans le noyau Linux lors du traitement des graines\n utilis\u00e9es pour la cr\u00e9ation de nombres al\u00e9atoires. Cela peut\n fragiliser toute application s\u0027appuyant sur ce g\u00e9n\u00e9rateur de nombre\n al\u00e9atoire (CVE-2007-2453).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-2876",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2876"
},
{
"name": "CVE-2007-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2875"
},
{
"name": "CVE-2007-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2453"
}
],
"links": [
{
"title": "Liste des changements apport\u00e9s \u00e0 la version 2.6.21.4 du noyau Linux :",
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
}
],
"reference": "CERTA-2007-AVI-256",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-06-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans la branche 2.6 du noyau Linux permettent \u00e0\nun utilisateur malintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance\nou de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux",
"vendor_advisories": [
{
"published_at": null,
"title": "Liste des changements apport\u00e9s \u00e0 la version 2.6.21.4 du noyau Linux",
"url": null
}
]
}
CVE-2007-2876 (GCVE-0-2007-2876)
Vulnerability from cvelistv5 – Published: 2007-06-11 23:00 – Updated: 2024-08-07 13:57
VLAI?
EPSS
Summary
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24376",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24376"
},
{
"name": "27227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27227"
},
{
"name": "26664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "ADV-2007-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name": "SUSE-SA:2007:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name": "26289",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26289"
},
{
"name": "25838",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25838"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "USN-510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-510-1"
},
{
"name": "DSA-1356",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1356"
},
{
"name": "26760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "kernel-sctpnew-dos(34777)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34777"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.21.4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128622431272\u0026w=2"
},
{
"name": "25961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25961"
},
{
"name": "oval:org.mitre.oval:def:10116",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10116"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26450"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "37112",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37112"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.20.13",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128610219959\u0026w=2"
},
{
"name": "26139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26139"
},
{
"name": "RHSA-2007:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0488.html"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "24376",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24376"
},
{
"name": "27227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27227"
},
{
"name": "26664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "ADV-2007-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name": "SUSE-SA:2007:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name": "26289",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26289"
},
{
"name": "25838",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25838"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "USN-510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-510-1"
},
{
"name": "DSA-1356",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1356"
},
{
"name": "26760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "kernel-sctpnew-dos(34777)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34777"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.21.4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128622431272\u0026w=2"
},
{
"name": "25961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25961"
},
{
"name": "oval:org.mitre.oval:def:10116",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10116"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26450"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "37112",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37112"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.20.13",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128610219959\u0026w=2"
},
{
"name": "26139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26139"
},
{
"name": "RHSA-2007:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0488.html"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26133"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2876",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24376",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24376"
},
{
"name": "27227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27227"
},
{
"name": "26664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "ADV-2007-2105",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:053",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name": "SUSE-SA:2007:043",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name": "26289",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26289"
},
{
"name": "25838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25838"
},
{
"name": "MDKSA-2007:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "USN-510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-510-1"
},
{
"name": "DSA-1356",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1356"
},
{
"name": "26760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "26620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "kernel-sctpnew-dos(34777)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34777"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.21.4",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=118128622431272\u0026w=2"
},
{
"name": "25961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25961"
},
{
"name": "oval:org.mitre.oval:def:10116",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10116"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm"
},
{
"name": "USN-486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26450"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "37112",
"refsource": "OSVDB",
"url": "http://osvdb.org/37112"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.20.13",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=118128610219959\u0026w=2"
},
{
"name": "26139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26139"
},
{
"name": "RHSA-2007:0488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0488.html"
},
{
"name": "26133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26133"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-2876",
"datePublished": "2007-06-11T23:00:00",
"dateReserved": "2007-05-29T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2453 (GCVE-0-2007-2453)
Vulnerability from cvelistv5 – Published: 2007-06-11 23:00 – Updated: 2024-08-07 13:42
VLAI?
EPSS
Summary
The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:32.344Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-470-1"
},
{
"name": "1018248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018248"
},
{
"name": "26664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "ADV-2007-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name": "24390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24390"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "kernel-randomnumber-weak-security(34781)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34781"
},
{
"name": "DSA-1356",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1356"
},
{
"name": "MDKSA-2007:216",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.21.4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128622431272\u0026w=2"
},
{
"name": "25961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25961"
},
{
"name": "37114",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37114"
},
{
"name": "25596",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25596"
},
{
"name": "RHSA-2007:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2007-0376.html"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26450"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "25700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25700"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.20.13",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128610219959\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9960",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9960"
},
{
"name": "26139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26139"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-470-1"
},
{
"name": "1018248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018248"
},
{
"name": "26664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "ADV-2007-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name": "24390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24390"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "kernel-randomnumber-weak-security(34781)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34781"
},
{
"name": "DSA-1356",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1356"
},
{
"name": "MDKSA-2007:216",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.21.4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128622431272\u0026w=2"
},
{
"name": "25961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25961"
},
{
"name": "37114",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37114"
},
{
"name": "25596",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25596"
},
{
"name": "RHSA-2007:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2007-0376.html"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26450"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "25700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25700"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.20.13",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=118128610219959\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9960",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9960"
},
{
"name": "26139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26139"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26133"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-470-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-470-1"
},
{
"name": "1018248",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018248"
},
{
"name": "26664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "ADV-2007-2105",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:043",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
},
{
"name": "24390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24390"
},
{
"name": "MDKSA-2007:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "kernel-randomnumber-weak-security(34781)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34781"
},
{
"name": "DSA-1356",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1356"
},
{
"name": "MDKSA-2007:216",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"name": "26620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.21.4",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=118128622431272\u0026w=2"
},
{
"name": "25961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25961"
},
{
"name": "37114",
"refsource": "OSVDB",
"url": "http://osvdb.org/37114"
},
{
"name": "25596",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25596"
},
{
"name": "RHSA-2007:0376",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2007-0376.html"
},
{
"name": "USN-486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26450"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "25700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25700"
},
{
"name": "[linux-kernel] 20070608 Linux 2.6.20.13",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=118128610219959\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9960",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9960"
},
{
"name": "26139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26139"
},
{
"name": "26133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26133"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-2453",
"datePublished": "2007-06-11T23:00:00",
"dateReserved": "2007-05-02T00:00:00",
"dateUpdated": "2024-08-07T13:42:32.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2875 (GCVE-0-2007-2875)
Vulnerability from cvelistv5 – Published: 2007-06-11 22:00 – Updated: 2024-08-07 13:57
VLAI?
EPSS
Summary
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070607 Linux Kernel cpuset tasks Information Disclosure Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "27227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27227"
},
{
"name": "ADV-2007-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name": "24389",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24389"
},
{
"name": "DSA-1363",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13"
},
{
"name": "37113",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37113"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "USN-510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-510-1"
},
{
"name": "26647",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26647"
},
{
"name": "26760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "oval:org.mitre.oval:def:9251",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251"
},
{
"name": "kernel-cpusettasksread-info-disclosure(34779)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34779"
},
{
"name": "1018211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018211"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26139"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20070607 Linux Kernel cpuset tasks Information Disclosure Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "27227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27227"
},
{
"name": "ADV-2007-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name": "24389",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24389"
},
{
"name": "DSA-1363",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13"
},
{
"name": "37113",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37113"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "USN-510-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-510-1"
},
{
"name": "26647",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26647"
},
{
"name": "26760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "oval:org.mitre.oval:def:9251",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251"
},
{
"name": "kernel-cpusettasksread-info-disclosure(34779)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34779"
},
{
"name": "1018211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018211"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26139"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26133"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070607 Linux Kernel cpuset tasks Information Disclosure Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541"
},
{
"name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4",
"refsource": "CONFIRM",
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4"
},
{
"name": "27227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27227"
},
{
"name": "ADV-2007-2105",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2105"
},
{
"name": "SUSE-SA:2007:053",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name": "24389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24389"
},
{
"name": "DSA-1363",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1363"
},
{
"name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13",
"refsource": "CONFIRM",
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13"
},
{
"name": "37113",
"refsource": "OSVDB",
"url": "http://osvdb.org/37113"
},
{
"name": "MDKSA-2007:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "USN-510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-510-1"
},
{
"name": "26647",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26647"
},
{
"name": "26760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "26620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26620"
},
{
"name": "USN-489-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-489-1"
},
{
"name": "MDKSA-2007:196",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "oval:org.mitre.oval:def:9251",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251"
},
{
"name": "kernel-cpusettasksread-info-disclosure(34779)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34779"
},
{
"name": "1018211",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018211"
},
{
"name": "USN-486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "26139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26139"
},
{
"name": "26133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26133"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-2875",
"datePublished": "2007-06-11T22:00:00",
"dateReserved": "2007-05-29T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…