CVE-2007-6716

CVSS 5.5 - MEDIUM
Description

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

Affected Products
10
Vendor Product Version
linux linux_kernel All versions
canonical ubuntu_linux 6.06
canonical ubuntu_linux 7.10
canonical ubuntu_linux 8.04
debian debian_linux 4.0
novell linux_desktop 9
opensuse opensuse 10.3
suse suse_linux_enterprise_desktop 10
suse suse_linux_enterprise_server 10
suse suse_linux_enterprise_server 10
References
http://git.kernel.org/?p=linux/kernel/git/torvalds...
http://lists.opensuse.org/opensuse-security-announ...
http://lists.opensuse.org/opensuse-security-announ...
http://lists.opensuse.org/opensuse-security-announ...
http://lists.opensuse.org/opensuse-security-announ...
http://lists.opensuse.org/opensuse-security-announ...
http://lkml.org/lkml/2007/7/30/448
http://rhn.redhat.com/errata/RHSA-2008-0972.html
http://secunia.com/advisories/32023
http://secunia.com/advisories/32103
http://secunia.com/advisories/32237
http://secunia.com/advisories/32356
http://secunia.com/advisories/32370
http://secunia.com/advisories/32393
http://secunia.com/advisories/32759
http://secunia.com/advisories/32799
http://www.debian.org/security/2008/dsa-1653
http://www.kernel.org/pub/linux/kernel/v2.6/Change...
http://www.mandriva.com/security/advisories?name=M...
http://www.openwall.com/lists/oss-security/2008/09...
Weakness Types
NVD-CWE-noinfo
CVE Information
CVE ID:
CVE-2007-6716
Published:
2008-09-04
Modified:
2026-04-23
CVSS Score:
5.5
Severity:
MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Vendors
novell linux canonical suse debian opensuse
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL