VDB
CVE-2007-3105
CVE-2007-3105
PUBLISHED
Reported by redhat · Published July 27, 2007
Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". NOTE: this issue might only cross privilege boundaries in environments that have granular assignment of privileges for root.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Jul 27, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- RHSA-2007:0940 vendor-advisoryx_refsource_REDHAT
- oval:org.mitre.oval:def:10371 vdb-entrysignaturex_refsource_OVAL
- 27747 third-party-advisoryx_refsource_SECUNIA
- 27212 third-party-advisoryx_refsource_SECUNIA
- 27227 third-party-advisoryx_refsource_SECUNIA
- 26664 third-party-advisoryx_refsource_SECUNIA
- 26643 third-party-advisoryx_refsource_SECUNIA
- SUSE-SA:2007:051 vendor-advisoryx_refsource_SUSE
- SUSE-SA:2007:053 vendor-advisoryx_refsource_SUSE
- 27322 third-party-advisoryx_refsource_SECUNIA
- DSA-1363 vendor-advisoryx_refsource_DEBIAN
- 26651 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- RHSA-2007:0939 vendor-advisoryx_refsource_REDHAT
- USN-510-1 vendor-advisoryx_refsource_UBUNTU
- DSA-1504 vendor-advisoryx_refsource_DEBIAN
- x_refsource_CONFIRM
- 25348 vdb-entryx_refsource_BID
- USN-509-1 vendor-advisoryx_refsource_UBUNTU
- 26647 third-party-advisoryx_refsource_SECUNIA
…and 8 more