CVE-2007-6434

Linux kernel <2.6.23 - Privilege Escalation

Title source: llm

Description

Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.

References (5)

[Exploit] http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc5

[Vendor Advisory] http://secunia.com/advisories/28070

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/26831

[Third Party Advisory, VDB Entry] http://osvdb.org/40907

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/4200

Scores

EPSS 0.0006

EPSS Percentile 18.6%

Classification

CWE

CWE-264

Status draft

Affected Products (1)

linux/linux_kernel

Timeline

Published Dec 18, 2007

Tracked Since Feb 18, 2026