CVE-2007-4774

Опубликовано: 15 янв. 2020

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

Ссылки

http://taviso.decsystem.org/research.html
Third Party Advisory
https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60
Issue Tracking
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200204-0002/
http://taviso.decsystem.org/research.html
Third Party Advisory
https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60
Issue Tracking
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200204-0002/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 2.4.35 (включая)

EPSS

Процентиль: 40%

0.00177

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2007-4774

CVSS3: 5.9

ubuntu

больше 5 лет назад

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

CVE-2007-4774

CVSS3: 5.1

redhat

больше 17 лет назад

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

CVE-2007-4774

CVSS3: 5.9

debian

больше 5 лет назад

The Linux kernel before 2.4.36-rc1 has a race condition. It was possib ...

GHSA-rxfx-3hr7-gggr

github

больше 3 лет назад

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

EPSS

Процентиль: 40%

0.00177

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-362