Unrated severityNVD Advisory· Published Jul 27, 2007· Updated Jun 16, 2026
CVE-2007-3105
CVE-2007-3105
Description
Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". NOTE: this issue might only cross privilege boundaries in environments that have granular assignment of privileges for root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
28- secunia.com/advisories/26500nvdVendor Advisory
- secunia.com/advisories/26643nvdVendor Advisory
- secunia.com/advisories/26647nvdVendor Advisory
- secunia.com/advisories/26651nvdVendor Advisory
- secunia.com/advisories/26664nvdVendor Advisory
- secunia.com/advisories/27212nvdVendor Advisory
- secunia.com/advisories/27227nvdVendor Advisory
- secunia.com/advisories/27322nvdVendor Advisory
- secunia.com/advisories/27436nvdVendor Advisory
- secunia.com/advisories/27747nvdVendor Advisory
- secunia.com/advisories/29058nvdVendor Advisory
- support.avaya.com/elmodocs2/security/ASA-2007-474.htmnvd
- www.debian.org/security/2007/dsa-1363nvd
- www.debian.org/security/2008/dsa-1504nvd
- www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.22-git14.lognvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2007_51_kernel.htmlnvd
- www.novell.com/linux/security/advisories/2007_53_kernel.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0939.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0940.htmlnvd
- www.securityfocus.com/bid/25348nvd
- www.ubuntu.com/usn/usn-508-1nvd
- www.ubuntu.com/usn/usn-509-1nvd
- www.ubuntu.com/usn/usn-510-1nvd
- issues.rpath.com/browse/RPL-1650nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10371nvd
News mentions
0No linked articles in our index yet.