Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0001 — Redhat Enterprise Linux vulnerability

7 documents6 sources

Severity

4.7MEDIUMNVD

EPSS

0.2%

top 57.13%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Redhat Enterprise Linux

Timeline

PublishedMar 2

Latest updateMay 1

Description

The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped.

CVSS vector

AV:L/AC:M/C:N/I:N/A:CExploitability: 3.4 | Impact: 6.9

Affected Packages0 packages

Also affects: Enterprise Linux 4.0

Patches

Patch: bugzilla.redhat.com ↗Patch: www.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-v6fh-mg2v-xv8g: The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service↗2007-02-27

▶

📋Vendor Advisories

VMware

Updated service console patches.↗2008-01-07

▶

Red Hat

security flaw↗2007-02-20

▶

💬Community

Bugzilla

CVE-2007-0001 security flaw↗2018-08-16

▶

Bugzilla

CVE-2007-0001 kernel panic watching /etc/passwd↗2007-01-17

▶