Medium severity5.5NVD Advisory· Published Sep 4, 2008· Updated Apr 23, 2026

CVE-2007-6716

Description

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.23
Canonical (company)/Ubuntu Linux3 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Novell/Linux Desktop
cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*
OpenSUSE/openSUSE
cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Desktop
cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server2 versions
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2008/09/04/1nvdMailing ListPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
lkml.org/lkml/2007/7/30/448nvdExploitMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.htmlnvdMailing ListThird Party Advisory
rhn.redhat.com/errata/RHSA-2008-0972.htmlnvdThird Party Advisory
www.debian.org/security/2008/dsa-1653nvdThird Party Advisory
www.securityfocus.com/bid/31515nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/usn-659-1nvdThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053nvdThird Party Advisory
secunia.com/advisories/32023nvdBroken Link
secunia.com/advisories/32103nvdBroken Link
secunia.com/advisories/32237nvdBroken Link
secunia.com/advisories/32356nvdBroken Link
secunia.com/advisories/32370nvdBroken Link
secunia.com/advisories/32393nvdBroken Link
secunia.com/advisories/32759nvdBroken Link
secunia.com/advisories/32799nvdBroken Link
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23nvdBroken Link
www.mandriva.com/security/advisoriesnvdBroken Link
www.redhat.com/support/errata/RHSA-2008-0885.htmlnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000