CVE-2007-4774
MEDIUMLinux Kernel < 2.4.35 - Race Condition via SIGCONT Signal Flooding
Title source: llmDescription
The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
http://taviso.decsystem.org/research.html
Issue Tracking, Third Party Advisory x_refsource_misc
https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200204-0002/
Scores
CVSS v3
5.9
EPSS
0.0174
EPSS Percentile
74.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-362
Status
published
Products (1)
linux/linux_kernel
< 2.4.35
Published
Jan 15, 2020
Tracked Since
Feb 18, 2026