admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-64xx/CVE-2007-6417.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

194 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-6417",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-12-18T00:46:00.000",
"lastModified": "2018-10-30T16:25:10.013",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash)."
},
{
"lang": "es",
"value": "La funci\u00f3n shmem_getpage (mm/shmem.c) en el kernel de Linux versi\u00f3n 2.6.11 hasta 2.6.23 no borra de manera apropiada la memoria asignada en algunas circunstancias extra\u00f1as relacionadas con tmpfs, lo que podr\u00eda permitir a los usuarios locales leer datos confidenciales del kernel o causar una denegaci\u00f3n de servicio (bloqueo)."
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.\n\nIt was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2008-0885.html",
"lastModified": "2009-01-15T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2
},
"baseSeverity": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-399"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=linux-kernel&m=119627664702379&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=linux-kernel&m=119743651829347&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=linux-kernel&m=119769771026243&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2007/dsa-1436",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:086",
"source": "cve@mitre.org"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:112",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0885.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/27694",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/usn-574-1",
"source": "cve@mitre.org"
},
{
"url": "http://www.ubuntu.com/usn/usn-578-1",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8920",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink