CVE-2007-3720

CVE-2007-3720 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.