[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110139

 
 

909

 
 

85964

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2007-0997Date: (C)2007-09-18   (M)2018-02-19


Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 6.9
Exploit Score: Exploit Score: 3.4
Impact Score: Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: LOCAL
Attack Complexity: Access Complexity: MEDIUM
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: COMPLETE
Scope: Integrity: COMPLETE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
http://lkml.org/lkml/2006/7/17/140
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18

CPE    13
cpe:/o:linux:linux_kernel:2.6.17
cpe:/o:linux:linux_kernel:2.6.17.4
cpe:/o:linux:linux_kernel:2.6.17.5
cpe:/o:linux:linux_kernel:2.6.17.6
...
CWE    1
CWE-362

© SecPod Technologies