CVE-2007-3104
First published: Tue Jun 26 2007(Updated: )
The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux kernel | =2.6.0 | |
| Red Hat Enterprise Linux | =4.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=242558
- http://rhn.redhat.com/errata/RHSA-2007-0488.html
- http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
- http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
- http://www.ubuntu.com/usn/usn-510-1
- http://www.ubuntu.com/usn/usn-508-1
- http://www.ubuntu.com/usn/usn-509-1
- http://www.securityfocus.com/bid/24631
- http://www.securitytracker.com/id?1018289
- http://secunia.com/advisories/25771
- http://secunia.com/advisories/25838
- http://secunia.com/advisories/26289
- http://secunia.com/advisories/26643
- http://secunia.com/advisories/26651
- http://secunia.com/advisories/27912
- http://www.debian.org/security/2007/dsa-1428
- http://secunia.com/advisories/28033
- http://www.redhat.com/support/errata/RHSA-2008-0089.html
- http://secunia.com/advisories/28643
- http://osvdb.org/37115
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11233
Frequently Asked Questions
What is the severity of CVE-2007-3104?
The severity of CVE-2007-3104 is classified as high due to its potential to cause a denial of service.
How does CVE-2007-3104 affect systems?
CVE-2007-3104 allows users to trigger a kernel OOPS by dereferencing a null pointer, resulting in system instability.
Which versions of the Linux kernel are vulnerable to CVE-2007-3104?
CVE-2007-3104 affects the Linux kernel version 2.6.0 and certain distributions like Red Hat Enterprise Linux 4.5.
Is there a known fix for CVE-2007-3104?
To mitigate CVE-2007-3104, users should update to patched versions of the Linux kernel provided by their distribution.
What type of vulnerability is CVE-2007-3104?
CVE-2007-3104 is a denial of service vulnerability that can cause a kernel crash.
- collector/nvd-historical
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- version/linux kernel/2.6.0
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/4.5