#VU95219 Resource management errors in Linux kernel - CVE-2007-5093

Cybersecurity Help s.r.o.

Published: 2007-09-27 | Updated: 2023-02-13

Vulnerability identifier: #VU95219

Vulnerability risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2007-5093

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 'relies on user space to close the device,' which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://marc.info/?l=linux-kernel&m=118873457814808&w=2
https://marc.info/?l=linux-kernel&m=118880154122548&w=2
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6
https://www.securityfocus.com/bid/25504
https://www.debian.org/security/2007/dsa-1381
https://secunia.com/advisories/26994
https://www.mandriva.com/security/advisories?name=MDVSA-2008:008
https://www.ubuntu.com/usn/usn-574-1
https://secunia.com/advisories/28706
https://www.ubuntu.com/usn/usn-558-1
https://secunia.com/advisories/28170
https://www.debian.org/security/2008/dsa-1503
https://www.debian.org/security/2008/dsa-1504
https://www.ubuntu.com/usn/usn-578-1
https://secunia.com/advisories/28971
https://secunia.com/advisories/29058
https://www.mandriva.com/security/advisories?name=MDVSA-2008:105
https://www.redhat.com/support/errata/RHSA-2008-0275.html
https://secunia.com/advisories/30294
https://rhn.redhat.com/errata/RHSA-2008-0972.html
https://secunia.com/advisories/32799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10494

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management errors in Linux kernel