CVE-2007-3722 : The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CP

The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Published 2007-07-12 16:30:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2007-3722

Freebsd » Freebsd
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-3722

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-3722

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2007-3722

Jump to

Vulnerability Details : CVE-2007-3722

Products affected by CVE-2007-3722

Exploit prediction scoring system (EPSS) score for CVE-2007-3722

CVSS scores for CVE-2007-3722

References for CVE-2007-3722