CVE Vulnerabilities

CVE-2007-3848

Published: Aug 14, 2007 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
1.9 LOW
AV:L/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux * 2.4.35
Red Hat Enterprise Linux 2.1 RedHat kernel-0:2.4.18-e.67 *
Red Hat Enterprise Linux 2.1 RedHat kernel-0:2.4.9-e.74 *
Red Hat Enterprise Linux 3 RedHat kernel-0:2.4.21-53.EL *
Red Hat Enterprise Linux 4 RedHat kernel-0:2.6.9-55.0.12.EL *
Red Hat Enterprise Linux 5 RedHat kernel-0:2.6.18-8.1.15.el5 *
Linux-source-2.6.15 Ubuntu dapper *
Linux-source-2.6.17 Ubuntu edgy *
Linux-source-2.6.20 Ubuntu feisty *
Linux-source-2.6.22 Ubuntu devel *

References