PublicDate: 2007-09-17 17:17:00 UTC
Candidate: CVE-2007-3731
References: 
 https://ubuntu.com/security/notices/USN-518-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3731
Description:
 The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT
 segment selector in %cs (the xcs field) during ptrace single-step
 operations, which allows local users to cause a denial of service (NULL
 dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and
 PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and
 possibly related to the arch_ptrace function.
Ubuntu-Description: 
 Evan Teran discovered that the Linux kernel ptrace routines did not correctly
 handle certain requests robustly. Local attackers could exploit this to crash
 the system, causing a denial of service
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 
upstream_linux-source-2.6.15: needed
upstream_linux-source-2.6.17: needed
upstream_linux-source-2.6.20: needed
dapper_linux-source-2.6.15: released (2.6.15-29.60)
edgy_linux-source-2.6.17: released (2.6.17.1-12.41)
feisty_linux-source-2.6.20: released (2.6.20-16.32)
upstream_linux-source-2.6.22: released (2.6.22)
devel_linux-source-2.6.22: released (2.6.22-12.39)