Vulnerabilities > CVE-2007-3721 - Denial-Of-Service vulnerability in FreeBSD

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

freebsd

NVD

Published: 2007-07-12

Updated: 2008-11-15

Summary

The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd *	1

References

http://osvdb.org/39598
http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf