ID CVE-2007-0822
Summary umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*
CVSS
Base: 1.9 (as of 15-09-2010 - 05:43)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector LOCAL
Complexity MEDIUM
Authentication NONE
Impact
Confidentiality PARTIAL
Integrity NONE
Availability NONE
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:N/A:N
refmap via4
bid 22850
fulldisc 20070201 umount crash and xterm (kind of) information leak!
mandriva MDKSA-2007:053
misc http://gotfault.wordpress.com/2007/01/18/umount-bug/
osvdb 33652
sectrack 1017729
statements via4
contributor Mark J Cox
lastmodified 2007-02-09
organization Red Hat
statement Red Hat does not consider this issue to be a security vulnerability. On Red Hat Enterprise Linux processes that change their effective UID do not dump core by default when they receive a fatal signal. Therefore the NULL pointer dereference does not lead to an information leak.
Last major update 15-09-2010 - 05:43
Published 07-02-2007 - 20:28
Last modified 15-09-2010 - 05:43