cve-2007-5966
Vulnerability from cvelistv5
Published
2007-12-20 00:00
Modified
2024-08-07 15:47
Severity ?
Summary
Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
References
secalert@redhat.comhttp://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
secalert@redhat.comhttp://secunia.com/advisories/28088
secalert@redhat.comhttp://secunia.com/advisories/28105Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28141
secalert@redhat.comhttp://secunia.com/advisories/28706
secalert@redhat.comhttp://secunia.com/advisories/28806
secalert@redhat.comhttp://secunia.com/advisories/31628
secalert@redhat.comhttp://secunia.com/advisories/36131
secalert@redhat.comhttp://secunia.com/advisories/37471
secalert@redhat.comhttp://www.debian.org/security/2007/dsa-1436
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:112
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0585.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-1193.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/485282/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/507985/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/26880Patch
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-574-1
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2009-0016.html
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/4225
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/3316
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2038
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10774
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8125
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.692Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:10774",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10774"
          },
          {
            "name": "36131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36131"
          },
          {
            "name": "20071218 rPSA-2007-0269-1 kernel",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/485282/100/0/threaded"
          },
          {
            "name": "26880",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26880"
          },
          {
            "name": "28806",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28806"
          },
          {
            "name": "oval:org.mitre.oval:def:8125",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8125"
          },
          {
            "name": "DSA-1436",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1436"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2038"
          },
          {
            "name": "28141",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28141"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "28105",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28105"
          },
          {
            "name": "RHSA-2009:1193",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
          },
          {
            "name": "28706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28706"
          },
          {
            "name": "MDVSA-2008:112",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:112"
          },
          {
            "name": "ADV-2007-4225",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4225"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "name": "RHSA-2008:0585",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0585.html"
          },
          {
            "name": "28088",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28088"
          },
          {
            "name": "SUSE-SA:2008:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
          },
          {
            "name": "USN-574-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-574-1"
          },
          {
            "name": "31628",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31628"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:10774",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10774"
        },
        {
          "name": "36131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36131"
        },
        {
          "name": "20071218 rPSA-2007-0269-1 kernel",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/485282/100/0/threaded"
        },
        {
          "name": "26880",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26880"
        },
        {
          "name": "28806",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28806"
        },
        {
          "name": "oval:org.mitre.oval:def:8125",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8125"
        },
        {
          "name": "DSA-1436",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1436"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2038"
        },
        {
          "name": "28141",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28141"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "28105",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28105"
        },
        {
          "name": "RHSA-2009:1193",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1193.html"
        },
        {
          "name": "28706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28706"
        },
        {
          "name": "MDVSA-2008:112",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:112"
        },
        {
          "name": "ADV-2007-4225",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4225"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "name": "RHSA-2008:0585",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0585.html"
        },
        {
          "name": "28088",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28088"
        },
        {
          "name": "SUSE-SA:2008:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
        },
        {
          "name": "USN-574-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-574-1"
        },
        {
          "name": "31628",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31628"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-5966",
    "datePublished": "2007-12-20T00:00:00",
    "dateReserved": "2007-11-14T00:00:00",
    "dateUpdated": "2024-08-07T15:47:00.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5966\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2007-12-20T00:46:00.000\",\"lastModified\":\"2023-11-07T02:01:25.057\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de enteros en la funci\u00f3n hrtimer_start en kernel/hrtimer.c en el kernel de Linux anterior a 2.6.23.10 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n  o provocar denegaci\u00f3n de servicio (panic) a trav\u00e9s de un valor de desconexi\u00f3n por tiempo. NOTA: algunos de estos detalles han sido obtenidos por terceras fuentes de informaci\u00f3n.\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, and 4.\\n\\nIt was addressed in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2009-1193.html, and https://rhn.redhat.com/errata/RHSA-2008-0585.html respectively.\",\"lastModified\":\"2009-08-05T00:00:00\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.2},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E249774-CE05-43D5-A5A3-7CCE24BB2AD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D42BA44-C69B-4170-9867-CABF93CA9BD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5140380C-71BD-464F-AE53-1814C2653056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B18EC0A7-8616-4039-B98B-E1216E035B05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22FB141B-FA2A-435D-8937-83FC0669CB20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C59131C8-F66A-4380-9F6E-3FC14C7C8562\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5421616-4BF5-4269-8996-C3D2BA6AE2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23FC6CE2-8717-4558-A309-A441D322F00E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"311BE336-7BB2-47C0-AED5-3DEA706C206F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AAC2E9D-0E82-4866-9046-ADD448418198\"}]}]}],\"references\":[{\"url\":\"http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/28088\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/28105\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28141\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/28706\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/28806\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/31628\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/36131\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/37471\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1436\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:112\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0585.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1193.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/485282/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/507985/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/26880\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-574-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4225\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3316\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2038\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10774\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8125\",\"source\":\"secalert@redhat.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.