CVE-2007-4133
Advisory lineage Upstream: 0 Downstream: 3
Downstream
Modified
Published: 04 Oct 2007, 23:00
Last modified:07 Aug 2024, 14:46
Vulnerability Summary
Overall Risk (default)
low
19/100 CVSS Score
4.7 MEDIUM
v2.0 (nvd)
EPSS Score
0.1% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
04 Oct 2007, 23:00
Published
Vulnerability first disclosed
07 Aug 2024, 14:46
Last Modified
Vulnerability information updated
Description
The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors.
CVSS Metrics
- v2.0•MEDIUM•Score: 4.7AV:L/AC:M/Au:N/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.10%• Percentile: 27%
Affected Systems
- linux•linux_kernel
≤ 2.6.19
References (18)
- http://www.redhat.com/support/errata/RHSA-2007-0940.html
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4
- http://secunia.com/advisories/27322
- http://secunia.com/advisories/26994
- http://www.debian.org/security/2008/dsa-1504
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:008
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:216
- http://www.ubuntu.com/usn/usn-558-1
- http://www.debian.org/security/2007/dsa-1381
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:105
- http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6
- http://www.securityfocus.com/bid/25904
- http://secunia.com/advisories/29058
- http://secunia.com/advisories/28971
- http://secunia.com/advisories/28170
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36925
- http://www.ubuntu.com/usn/usn-578-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10451