CVE Vulnerability

CVE-2007-0997

Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.

6.9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.4 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://lkml.org/lkml/2006/7/17/140
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*
Information

Published : 2007-09-18 07:17

Updated : 2008-09-05 09:19

NVD link : CVE-2007-0997

Mitre link : CVE-2007-0997

Products Affected
No products.
CWE
CWE-362