CVE-2007-5908

2007-11-09T19:46:00
ID CVE-2007-5908
Type cve
Reporter cve@mitre.org
Modified 2008-09-11T01:02:00

Description

REJECT Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that "There is no way for unprivileged users (or really even the root user) to add new clocksources."