[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3181Date: (C)2005-10-12   (M)2024-02-02


The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-15076
SECUNIA-17114
SECUNIA-17280
SECUNIA-17364
SECUNIA-17826
SECUNIA-17917
SECUNIA-19374
DSA-1017
FEDORA-2005-1007
FLSA:157459-3
MDKSA-2005:218
MDKSA-2005:219
MDKSA-2005:220
MDKSA-2005:235
RHSA-2005:808
SUSE-SA:2005:067
USN-199-1
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA
oval:org.mitre.oval:def:9467

CWE    1
CWE-401

© SecPod Technologies