CVE-2007-3739Improper Restriction of Operations within the Bounds of a Memory Buffer in Redhat Enterprise Linux

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-3996 documents5 sources
Severity
4.7MEDIUMNVD
EPSS
0.1%
top 74.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Enterprise Linux
Timeline
PublishedSep 14
Latest updateMay 1

Description

mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.

CVSS vector

AV:L/AC:M/C:N/I:N/A:CExploitability: 3.4 | Impact: 6.9

Affected Packages0 packages

Also affects: Enterprise Linux 5.0

🔴Vulnerability Details

1
GHSA
GHSA-g9r8-mr7q-g5r2: mm/mmap2022-05-01

📋Vendor Advisories

2
Ubuntu
linux-source-2.6.15, linux-source-2.6.17, linux-source-2.6.20 vulnerabilities2007-09-25
Red Hat
LTC36188-Don't allow the stack to grow into hugetlb reserved regions2007-08-31

💬Community

2
Bugzilla
CVE-2007-3739 LTC36188-Don't allow the stack to grow into hugetlb reserved regions2007-09-18
Bugzilla
CVE-2007-3739 LTC36188-Don't allow the stack to grow into hugetlb reserved regions2007-08-17