CVE-2007-3723

Name of the Vulnerable Software and Affected Versions Sun Solaris (affected versions not specified)

Description The issue concerns the process scheduler in the Sun Solaris kernel, which does not utilize process statistics kept by the kernel. Instead, it relies on CPU billing gathered from periodic process sampling ticks for scheduling. This allows local users to cause a denial of service by consuming CPU resources. The issue is described in detail in "Secretly Monopolizing the CPU Without Superuser Privileges."

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.