CVE-2007-6761 — Vulnetix

CVE-2007-6761 REJECTED

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321.

EPSS 0.10% · 28.1th percentile

Risk Scores

EPSS Score

0.10%

28.1th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	linux	0
Ubuntu:14.04:LTS	linux-lts-xenial	0
Ubuntu:16.04:LTS	linux-aws	0
Ubuntu:16.04:LTS	linux-goldfish	3.4.0-4.24, 0, 3.4.0-4.26
Ubuntu:16.04:LTS	linux-snapdragon	0
Ubuntu:16.04:LTS	linux-gke	0
Ubuntu:16.04:LTS	linux-flo	3.4.0-5.19, 0
Ubuntu:16.04:LTS	linux-mako	3.4.0-7.39, 0
Ubuntu:14.04:LTS	linux	0
Ubuntu:14.04:LTS	linux-aws	0
Ubuntu:16.04:LTS	linux-raspi2	0
Ubuntu:16.04:LTS	linux-hwe	0
Ubuntu:14.04:LTS	linux-lts-vivid	0

Exploit Intelligence

Timeline

Apr 24, 2017 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 1, 2022 CVE Updated
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2007-6761 third-party-advisory
http://www.linuxgrill.com/anonymous/kernel/v2.6/ChangeLog-2.6.24 third-party-advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340 third-party-advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b29669c065f60501e7289e1950fa2a618962358 third-party-advisory
https://github.com/torvalds/linux/commit/0b29669c065f60501e7289e1950fa2a618962358 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2007-6761 third-party-advisory

Open in Interactive Console →