Unrated severityNVD Advisory· Published Jul 12, 2007· Updated Jun 16, 2026

CVE-2007-3720

Description

The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Affected products

Linux/Kernel2 versions
cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*
- (no CPE)range: 2.4

Patches

Vulnerability mechanics

References

osvdb.org/37126nvd
www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000