Vulnerability Description
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Enterprise Linux | 5.0 |
| Apple | PowerPC | All versions |
Related Weaknesses (CWE)
References
- http://lkml.org/lkml/2007/1/29/180
- http://secunia.com/advisories/23955
- http://secunia.com/advisories/26760 (Vendor Advisory)
- http://secunia.com/advisories/26955
- http://secunia.com/advisories/26978
- http://secunia.com/advisories/27436
- http://secunia.com/advisories/27747
- http://secunia.com/advisories/27913
- http://secunia.com/advisories/29058
- http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
- http://www.debian.org/security/2007/dsa-1378
- http://www.debian.org/security/2008/dsa-1504
- http://www.redhat.com/support/errata/RHSA-2007-0705.html
- http://www.redhat.com/support/errata/RHSA-2007-0939.html
- http://www.redhat.com/support/errata/RHSA-2007-1049.html
FAQ
What is CVE-2007-3739?
CVE-2007-3739 is a vulnerability with a CVSS score of 4.7 (MEDIUM). mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OO...
How severe is CVE-2007-3739?
CVE-2007-3739 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-3739?
Check the references section above for vendor advisories and patch information. Affected products include: Red Hat Enterprise Linux, Apple PowerPC.