CVE-2007-3105 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-3105
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3105

Description: Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". NOTE: this issue might only cross privilege boundaries in environments that have granular assignment of privileges for root.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-510-1 http://www.ubuntu.com/usn/usn-508-1 http://www.ubuntu.com/usn/usn-509-1 SUSE http://www.novell.com/linux/security/advisories/2007_53_kernel.html http://www.novell.com/linux/security/advisories/2007_51_kernel.html SAID Secunia Advisory: SA26664 Secunia Advisory: SA27436 Secunia Advisory: SA27322 Secunia Advisory: SA26651 Secunia Advisory: SA26643 Secunia Advisory: SA26500 Secunia Advisory: SA26647 Secunia Advisory: SA27212 Secunia Advisory: SA27227 Secunia Advisory: SA27747 Secunia Advisory: SA29058 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0940.html http://www.redhat.com/support/errata/RHSA-2007-0939.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 http://www.mandriva.com/security/advisories?name=MDKSA-2007:195 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 DEBIAN http://www.debian.org/security/2007/dsa-1363 http://www.debian.org/security/2008/dsa-1504 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.22-git14.log BID 25348

Return to the previous page.