CVE-2007-2878

Linux Kernel < 2.6.21.2 - Denial of Service via VFAT Compat Ioctls

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2878. PoCs published by Bart Oldeman.

AI-analyzed exploit summary This exploit triggers a denial-of-service vulnerability in the Linux Kernel by repeatedly calling the VFAT_IOCTL_READDIR_BOTH ioctl, causing the kernel to crash. The code demonstrates the vulnerability by reading directory entries in a loop until an error occurs.

Description

The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Bart Oldeman · cdoslinux

https://www.exploit-db.com/exploits/30080

View Code ZIP pw:eip

This exploit triggers a denial-of-service vulnerability in the Linux Kernel by repeatedly calling the VFAT_IOCTL_READDIR_BOTH ioctl, causing the kernel to crash. The code demonstrates the vulnerability by reading directory entries in a loop until an error occurs.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Linux Kernel (versions affected by CVE-2007-2878)

No auth needed

Prerequisites: Local access to the target system · VFAT filesystem mounted

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (20)

Core 20

Core References

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11674

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27747

Vendor Advisory x_refsource_confirm

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.2

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/34669

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0939.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28626

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2008/dsa-1479

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-510-1

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/35926

Vendor Advisory x_refsource_confirm

http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/2023

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26760

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0705.html

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-489-1

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25505

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/24134

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-486-1

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27436

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26139

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26133

Scores

EPSS 0.0088

EPSS Percentile 54.4%

Details

Status published

Products (1)

linux/linux_kernel 2.6.21.1

Published May 29, 2007

Tracked Since Feb 18, 2026