CVE-2007-5966
Published: 20 December 2007
Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
Notes
| Author | Note |
|---|---|
| jdstrand | local DoS with speculation of arbitray code execution (but it's not confirmed), so setting to medium for now. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| upstream |
Released
(2.6.24)
|
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(code not present)
|
| edgy |
Does not exist
|
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Released
(2.6.17.1-12.43)
|
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Released
(2.6.20-16.34)
|
|
| gutsy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Does not exist
|
|
| gutsy |
Released
(2.6.22-14.51)
|
|
| upstream |
Needs triage
|
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=62f0f61e6673e67151a7c8c0f9a09c7ea43fe2b5;hp=f194d132e4971111f85c18c96067acffb13cee6d
- https://ubuntu.com/security/notices/USN-574-1
- https://www.cve.org/CVERecord?id=CVE-2007-5966
- NVD
- Launchpad
- Debian