CVE-2007-2875

Severity

21%

Complexity

39%

Confidentiality

48%

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N).

Overview

Type

Linux

First reported 17 years ago

2007-06-11 22:30:00

Last updated 6 years ago

2018-10-19 19:03:00

Affected Software

Linux Kernel

Debian Debian Linux 3.1

3.1

Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)

6.06

Canonical Ubuntu Linux 6.10

6.10

Canonical Ubuntu Linux 7.04

7.04

References

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13

Vendor Advisory

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4

Vendor Advisory

20070607 Linux Kernel cpuset tasks Information Disclosure Vulnerability

Broken Link

37113

Broken Link

26133

Third Party Advisory

26139

Third Party Advisory

26620

Third Party Advisory

26647

Third Party Advisory

26760

Third Party Advisory

27227

Third Party Advisory

DSA-1363

Third Party Advisory

MDKSA-2007:171

Third Party Advisory

MDKSA-2007:196

Third Party Advisory

SUSE-SA:2007:053

Third Party Advisory

RHSA-2007:0705

Third Party Advisory

24389

Patch, Third Party Advisory, VDB Entry

1018211

Third Party Advisory, VDB Entry

USN-486-1

Third Party Advisory

USN-489-1

Third Party Advisory

USN-510-1

Third Party Advisory

ADV-2007-2105

Third Party Advisory

kernel-cpusettasksread-info-disclosure(34779)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:9251

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.