CVE-2007-5966
Publication date 20 December 2007
Last updated 24 July 2024
Ubuntu priority
Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 7.10 gutsy | Not in release |
linux | 7.04 feisty | Not in release |
linux | 6.10 edgy | Not in release |
linux | 6.06 LTS dapper | Not in release |
linux-source-2.6.15 | 7.10 gutsy | Not in release |
linux-source-2.6.15 | 7.04 feisty | Not in release |
linux-source-2.6.15 | 6.10 edgy | Not in release |
linux-source-2.6.15 | 6.06 LTS dapper | Not affected |
linux-source-2.6.17 | 7.10 gutsy | Not in release |
linux-source-2.6.17 | 7.04 feisty | Not in release |
linux-source-2.6.17 | 6.10 edgy | Fixed 2.6.17.1-12.43 |
linux-source-2.6.17 | 6.06 LTS dapper | Not in release |
linux-source-2.6.20 | 7.10 gutsy | Not in release |
linux-source-2.6.20 | 7.04 feisty | Fixed 2.6.20-16.34 |
linux-source-2.6.20 | 6.10 edgy | Not in release |
linux-source-2.6.20 | 6.06 LTS dapper | Not in release |
linux-source-2.6.22 | 7.10 gutsy | Fixed 2.6.22-14.51 |
linux-source-2.6.22 | 7.04 feisty | Not in release |
linux-source-2.6.22 | 6.10 edgy | Not in release |
linux-source-2.6.22 | 6.06 LTS dapper | Not in release |
Notes
jdstrand
local DoS with speculation of arbitrary code execution (but it’s not confirmed), so setting to medium for now.
References
Related Ubuntu Security Notices (USN)
- USN-574-1: Linux kernel vulnerabilities (4 February 2008)