CVE-2007-5908

Name: CVE-2007-5908
Creator: NVD / NIST
Published: 2007-11-09T19:46:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

Unknown

Last modified Nov 7, 2023

CVE-2007-5908 is a vulnerability of currently unknown severity. Rejected reason: Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that "There is no way for unprivileged users (or really even the root user) to add new clocksources..

Description

Rejected reason: Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that "There is no way for unprivileged users (or really even the root user) to add new clocksources.

Timeline

Published: Nov 9, 2007
Last Modified: Nov 7, 2023
Status: Rejected

Frequently Asked Questions

What is CVE-2007-5908?

How severe is CVE-2007-5908?

Severity scoring for CVE-2007-5908 is pending analysis.

How do I fix CVE-2007-5908?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-5908?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST