CVE-2007-6712 - OpenCVE

Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Kernel	Linux Kernel

Configuration 1 [-]

cpe:2.3:a:kernel:linux_kernel:2.6.21_rc4:*:x64:*:*:*:*:*

References

Link	Resource
http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git%3Ba=commitdiff%3Bh=13788ccc41ceea5893f9c747c59bc0b28f2416c2
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
http://secunia.com/advisories/30294
http://secunia.com/advisories/30368
http://secunia.com/advisories/30818
http://secunia.com/advisories/31107
http://secunia.com/advisories/31628
http://www.debian.org/security/2008/dsa-1588
http://www.redhat.com/support/errata/RHSA-2008-0275.html
http://www.redhat.com/support/errata/RHSA-2008-0585.html
http://www.securityfocus.com/bid/29294
http://www.ubuntu.com/usn/usn-625-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/41827
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9210

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-04-12T19:00:00

Updated: 2017-09-28T12:57:01

Reserved: 2008-04-12T00:00:00

Link: CVE-2007-6712

JSON object: View

NVD Information

Status : Modified

Published: 2008-04-12T19:05:00.000

Modified: 2023-11-07T02:01:36.680

Link: CVE-2007-6712

JSON object: View

Redhat Information

No data.

CWE

CWE-189

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-16T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2008:0275", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0275.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git%3Ba=commitdiff%3Bh=13788ccc41ceea5893f9c747c59bc0b28f2416c2"}, {"name": "30294", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30294"}, {"name": "30368", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30368"}, {"name": "oval:org.mitre.oval:def:9210", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9210"}, {"name": "linux-kernel-hrtimerforward-dos(41827)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41827"}, {"name": "DSA-1588", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1588"}, {"name": "RHSA-2008:0585", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0585.html"}, {"name": "31107", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31107"}, {"name": "31628", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31628"}, {"name": "USN-625-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-625-1"}, {"name": "SUSE-SA:2008:030", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"name": "29294", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29294"}, {"name": "30818", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30818"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6712", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2008:0275", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0275.html"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git;a=commitdiff;h=13788ccc41ceea5893f9c747c59bc0b28f2416c2", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git;a=commitdiff;h=13788ccc41ceea5893f9c747c59bc0b28f2416c2"}, {"name": "30294", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30294"}, {"name": "30368", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30368"}, {"name": "oval:org.mitre.oval:def:9210", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9210"}, {"name": "linux-kernel-hrtimerforward-dos(41827)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41827"}, {"name": "DSA-1588", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1588"}, {"name": "RHSA-2008:0585", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0585.html"}, {"name": "31107", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31107"}, {"name": "31628", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31628"}, {"name": "USN-625-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-625-1"}, {"name": "SUSE-SA:2008:030", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"name": "29294", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29294"}, {"name": "30818", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30818"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6712", "datePublished": "2008-04-12T19:00:00", "dateReserved": "2008-04-12T00:00:00", "dateUpdated": "2017-09-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kernel:linux_kernel:2.6.21_rc4:*:x64:*:*:*:*:*", "matchCriteriaId": "C6D37A03-867E-4925-8E6F-22AB678A9E26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired."}, {"lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n hrtimer_forward function (hrtimer.c) en el kernel 2.6.21-rc4 de Linux, cuando corren en sistemas de 64-bit, permite a los usuarios locales provocar una denegaci\u00f3n de servicio (bucle infinito) mediante un temporizador con un valor de caducidad largo, que provoca que el temporizador est\u00e9 siempre expirado."}], "id": "CVE-2007-6712", "lastModified": "2023-11-07T02:01:36.680", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-04-12T19:05:00.000", "references": [{"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git%3Ba=commitdiff%3Bh=13788ccc41ceea5893f9c747c59bc0b28f2416c2"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30294"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30368"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30818"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31107"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31628"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1588"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0275.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0585.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29294"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-625-1"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41827"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9210"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}