Ubuntu.comUB:CVE-2007-3731CVE-2007-3731
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
10.2%
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT
segment selector in %cs (the xcs field) during ptrace single-step
operations, which allows local users to cause a denial of service (NULL
dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and
PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and
possibly related to the arch_ptrace function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | linux-source-2.6.15 | <Β 2.6.15-29.60 | UNKNOWN |
| ubuntu | 6.10 | noarch | linux-source-2.6.17 | <Β 2.6.17.1-12.41 | UNKNOWN |
| ubuntu | 7.04 | noarch | linux-source-2.6.20 | <Β 2.6.20-16.32 | UNKNOWN |
Related
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
10.2%