Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2006-7051
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-24 Feb, 2007 | 00:28
Updated At-30 Oct, 2018 | 16:25

The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.0
cpe:2.3:o:linux:linux_kernel:2.6.18.0:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.1
cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.2
cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.3
cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.4
cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.5
cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.6
cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.18.7
cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.19
cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.19.1
cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.19.2
cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.19.3
cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.19.4
cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.20
cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.20.1
cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

This issue can only be exploited if pending signals (ulimit -i) is set to "unlimited". In case of Red Hat Enterprise Linux version 2.1, 3 and 4 this is not the case and therefore they are not vulnerable to this issue.

References
HyperlinkSourceResource
http://securityreason.com/securityalert/2287cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/430278/30/5790/threadedcve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/25712cve@mitre.org
N/A
https://www.exploit-db.com/exploits/1657cve@mitre.org
N/A
Change History
0Changes found
Details not found