CVE-2007-3731

Exploit

EPSS 0.04%
Published 17.09.2007 17:17:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function.

Affected products Warnungen 0 Metrics 2 CWE 1 References 21

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version2.6.20

Linux ≫ Linux Kernel Version2.6.21

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.081

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/27322

http://www.redhat.com/support/errata/RHSA-2007-0940.html

http://secunia.com/advisories/26978

http://www.debian.org/security/2007/dsa-1378

http://secunia.com/advisories/26955

http://www.ubuntu.com/usn/usn-518-1

http://bugzilla.kernel.org/show_bug.cgi?id=8765

Exploit

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29eb51101c02df517ca64ec472d7501127ad1da8

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=a10d9a71bafd3a283da240d2868e71346d2aef6f

http://osvdb.org/37286

http://secunia.com/advisories/26935