CVE-2007-6434

Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.

Published: Dec 18, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-6434
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.6.23	2.6.23.x

http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc5
http://osvdb.org/40907
http://secunia.com/advisories/28070
http://www.securityfocus.com/bid/26831
http://www.vupen.com/english/advisories/2007/4200

Vulnerability Database

289,689

CVE-2007-6434