Local Denial of Service Vulnerability in Linux Kernel by Red Hat
CVE-2007-0771

Currently unrated

Key Information:

Vendor: Linux
Status: Linux Kernel; Enterprise Linux
Vendor: CVE Published:; 2 May 2007

What is CVE-2007-0771?

The utrace support in certain versions of the Linux kernel, specifically starting with 2.6.18, allows local users to trigger a denial of service. This occurs due to a failure mode during the 'MT exec + utrace_attach' process, leading to potential system hangs, as illustrated in the ptrace-thrash.c demonstration. Users should consider updating their kernel version and implementing safeguards against this denial of service vector.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34128

vdb-entryx_refsource_XF

http://securitytracker.com/id?1017979

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/23720

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2007
Vulnerability Reserved
Feb 6, 2007