CVE-2007-0006

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.9 through 2.6.20 usbvision-kmp-default (affected versions not specified) usbvision-kmp-debug (affected versions not specified) usbvision-kmp-bigsmp (affected versions not specified) usbvision-kmp-xen (affected versions not specified) usbvision-kmp-xenpae (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the usbvision-kmp packages of the openSUSE operating system and a vulnerability in the Linux kernel. These vulnerabilities can be exploited remotely, potentially leading to a denial of service (crash) or disruption of protected information availability. In the case of the Linux kernel, the vulnerability allows local users to cause a denial of service via vectors that trigger a null dereference in the key alloc serial function.

Recommendations For Linux kernel versions 2.6.9 through 2.6.20, update to a version outside of this range to mitigate the risk. For usbvision-kmp-default, consider disabling the package until a patch is available. For usbvision-kmp-debug, restrict access to the package to minimize the risk of exploitation. For usbvision-kmp-bigsmp, avoid using the package in sensitive operations until the issue is resolved. For usbvision-kmp-xen, temporarily disable the package to prevent potential exploitation. For usbvision-kmp-xenpae, restrict usage of the package until a fix is provided. At the moment, there is no information about a newer version that contains a fix for the usbvision-kmp packages.