Upstream information

CVE-2007-0006 at MITRE

Description

The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."

SUSE information

Overall state of this security issue: Resolved

This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.

CVSS v2 Scores
  National Vulnerability Database
Base Score 1.9
Vector AV:L/AC:M/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 243003 [RESOLVED / FIXED]

SUSE Security Advisories:


SUSE Timeline for this CVE

CVE page created: Fri Jun 28 01:43:07 2013
CVE page last modified: Sat Sep 21 21:10:26 2024