CVE-2007-3720

Linux Kernel - Denial of Service

Title source: rule

Description

The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

References (2)

[Third Party Advisory, VDB Entry] http://osvdb.org/37126

[Various Sources] http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf

Scores

EPSS 0.0006

EPSS Percentile 18.7%

Classification

Status draft

Affected Products (1)

linux/linux_kernel

Timeline

Published Jul 12, 2007

Tracked Since Feb 18, 2026