CVE-2007-5908 - Vulnerability Details

CVE-2007-5908 - Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel

Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that "There is no way for unprivileged users (or really even the root user) to add new clocksources.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.cve.org/CVERecord?id=CVE-2007-5908

History

Wed, 28 May 2025 14:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cve.org/CVERecord?id=CVE-2007-5908

Thu, 22 May 2025 04:30:00 +0000

Type	Values Removed	Values Added
References	https://nvd.nist.gov/vuln/detail/CVE-2007-5908 https://www.cve.org/CVERecord?id=CVE-2007-5908

MITRE

Status: REJECTED

Assigner: mitre

Published: 2007-11-09T19:00:00

Updated: 2007-11-28T10:00:00

Reserved: 2007-11-09T00:00:00

Link: CVE-2007-5908

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2007-11-09T19:46:00.000

Modified: 2023-11-07T02:01:24.240

Link: CVE-2007-5908

Redhat

Severity : Important

Publid Date: 2007-11-08T00:00:00Z

Links: CVE-2007-5908 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object