CVE-2006-7051

medium

Description

The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.

References

https://www.exploit-db.com/exploits/1657

https://exchange.xforce.ibmcloud.com/vulnerabilities/25712

http://www.securityfocus.com/archive/1/430278/30/5790/threaded

http://securityreason.com/securityalert/2287

Details

Source: Mitre, NVD

Published: 2007-02-24

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00099