Lucene search

[email protected]CVE-2007-3720

HistoryJul 12, 2007 - 4:30 p.m.

CVE-2007-3720

2007-07-1216:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

linux

kernel

denial of service

cpu consumption

security vulnerability

nvd

cve-2007-3720

6.9 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in “Secretly Monopolizing the CPU Without Superuser Privileges.”

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.4.0

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.4.0

References

osvdb.org/37126

www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf

6.9 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2007-3720

prion1