CVE-2007-3731 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-3731
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3731

Description: The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-518-1 SAID Secunia Advisory: SA26935 Secunia Advisory: SA26955 Secunia Advisory: SA26978 Secunia Advisory: SA27322 Secunia Advisory: SA29159 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0940.html MISC http://bugzilla.kernel.org/show_bug.cgi?id=8765 DEBIAN http://www.debian.org/security/2007/dsa-1378 CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0094 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a10d9a71bafd3a283da240d2868e71346d2aef6f http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=29eb51101c02df517ca64ec472d7501127ad1da8 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/488972/100/0/threaded BID 25801

Return to the previous page.