CVE-2007-0822
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
07/02/2007
Last modified:
09/04/2025
Description
umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents.
Impact
Base Score 2.0
1.90
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html
- http://gotfault.wordpress.com/2007/01/18/umount-bug/
- http://osvdb.org/33652
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A053
- http://www.securityfocus.com/bid/22850
- http://www.securitytracker.com/id?1017729=
- http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html
- http://gotfault.wordpress.com/2007/01/18/umount-bug/
- http://osvdb.org/33652
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A053
- http://www.securityfocus.com/bid/22850
- http://www.securitytracker.com/id?1017729=