CVE - CVE-2007-3731

CVE-ID
CVE-2007-3731	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:20080229 rPSA-2008-0094-1 kernel URL:http://www.securityfocus.com/archive/1/488972/100/0/threaded MISC:25801 URL:http://www.securityfocus.com/bid/25801 MISC:26935 URL:http://secunia.com/advisories/26935 MISC:26955 URL:http://secunia.com/advisories/26955 MISC:26978 URL:http://secunia.com/advisories/26978 MISC:27322 URL:http://secunia.com/advisories/27322 MISC:29159 URL:http://secunia.com/advisories/29159 MISC:37286 URL:~~http://osvdb.org/37286~~ (Obsolete source) MISC:DSA-1378 URL:http://www.debian.org/security/2007/dsa-1378 MISC:RHSA-2007:0940 URL:http://www.redhat.com/support/errata/RHSA-2007-0940.html MISC:USN-518-1 URL:http://www.ubuntu.com/usn/usn-518-1 MISC:http://bugzilla.kernel.org/show_bug.cgi?id=8765 URL:http://bugzilla.kernel.org/show_bug.cgi?id=8765 MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29eb51101c02df517ca64ec472d7501127ad1da8 URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29eb51101c02df517ca64ec472d7501127ad1da8 MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=a10d9a71bafd3a283da240d2868e71346d2aef6f URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=a10d9a71bafd3a283da240d2868e71346d2aef6f MISC:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0094 URL:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0094 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=248324 URL:https://bugzilla.redhat.com/show_bug.cgi?id=248324 MISC:https://issues.rpath.com/browse/RPL-2304 URL:https://issues.rpath.com/browse/RPL-2304 MISC:oval:org.mitre.oval:def:10394 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10394
Assigning CNA
Red Hat, Inc.
Date Record Created
20070712	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070712)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.