ID CVE-2007-3721
Summary The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
References
Vulnerable Configurations
  • cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 15-11-2008 - 06:53)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
refmap via4
misc http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf
osvdb 39598
Last major update 15-11-2008 - 06:53
Published 12-07-2007 - 16:30
Last modified 15-11-2008 - 06:53
Back to Top