CVE-2007-6716
First published: Thu Sep 04 2008(Updated: )
Description of problem: To avoid exposing ourselves to the risk of finding another field like .map_bh.b_state where we rely on zeroing but don't enforce it in the code. The fix uses kzalloc to zero all the struct dio rather than manually trying to track which fields we rely on being zero. Reference: <a href="http://lkml.org/lkml/2007/7/26/88">http://lkml.org/lkml/2007/7/26/88</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | <2.6.23 | |
| Ubuntu | =6.06 | |
| Ubuntu | =7.10 | |
| Ubuntu | =8.04 | |
| Debian | =4.0 | |
| Novell Linux Desktop | =9 | |
| SUSE Linux | =10.3 | |
| SUSE Linux Enterprise Desktop | =10-sp2 | |
| SUSE Linux Enterprise Server | =10-sp1 | |
| SUSE Linux Enterprise Server | =10-sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lkml.org/lkml/2007/7/30/448
- http://www.openwall.com/lists/oss-security/2008/09/04/1
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=848c4dd5153c7a0de55470ce99a8e13a63b4703f
- https://bugzilla.redhat.com/show_bug.cgi?id=461082
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23
- http://www.redhat.com/support/errata/RHSA-2008-0885.html
- http://secunia.com/advisories/32023
- http://www.ubuntu.com/usn/usn-659-1
- http://secunia.com/advisories/32393
- http://secunia.com/advisories/32799
- http://rhn.redhat.com/errata/RHSA-2008-0972.html
- http://secunia.com/advisories/32759
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html
- http://secunia.com/advisories/32103
- http://secunia.com/advisories/32237
- http://www.securityfocus.com/bid/31515
- http://www.debian.org/security/2008/dsa-1653
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:220
- http://secunia.com/advisories/32356
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html
- http://secunia.com/advisories/32370
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053
- http://lkml.org/lkml/2007/7/26/88
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=315715&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=315715&action=edit
- http://freshmeat.net/projects/fio/
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=315718
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=315718&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2
- https://bugzilla.redhat.com/attachment.cgi?id=315718
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=848c4dd5153c7a0de55470ce99a8e13a63b4703f
Frequently Asked Questions
What is the severity of CVE-2007-6716?
CVE-2007-6716 is classified as a high severity vulnerability due to its potential to lead to memory corruption.
How do I fix CVE-2007-6716?
To fix CVE-2007-6716, you should upgrade to a patched version of the Linux kernel or the affected distribution.
Which systems are affected by CVE-2007-6716?
CVE-2007-6716 affects various versions of Linux kernel, Ubuntu, Debian, Novell, and openSUSE systems.
What kind of vulnerability is CVE-2007-6716?
CVE-2007-6716 is a memory corruption vulnerability that occurs due to improper handling of structure initialization.
Is CVE-2007-6716 exploitable remotely?
CVE-2007-6716 can potentially be exploited locally but has implications that could allow for remote exploitation.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2007-6716
- agent/trending
- agent/source
- agent/author
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- collector/nvd-index
- vendor/linux
- canonical/linux kernel
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/6.06
- version/ubuntu/7.10
- version/ubuntu/8.04
- vendor/debian
- canonical/debian
- version/debian/4.0
- vendor/novell
- canonical/novell linux desktop
- version/novell linux desktop/9
- vendor/opensuse
- canonical/suse linux
- version/suse linux/10.3
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/10-sp2
- canonical/suse linux enterprise server
- version/suse linux enterprise server/10-sp1
- version/suse linux enterprise server/10-sp2