CVE-2007-0997

medium

Description

Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.

References

http://lkml.org/lkml/2006/7/17/140

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18

Details

Source: Mitre, NVD

Published: 2007-09-18

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 6.3

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00036