CVE-2005-0937

Description

Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions.

CVSS Metrics

• v2.0•LOW•Score: 1.2AV:L/AC:H/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 0.06%• Percentile: 20%

Affected Systems

• linux•linux_kernel

  2.5.0 | 2.5.1 | 2.5.2 | 2.5.3 | 2.5.4 | 2.5.5 | 2.5.6 | 2.5.7 | 2.5.8 | 2.5.9 | 2.5.10 | 2.5.11 | 2.5.12 | 2.5.13 | 2.5.14 | 2.5.15 | 2.5.16 | 2.5.17 | 2.5.18 | 2.5.19 | 2.5.20 | 2.5.21 | 2.5.22 | 2.5.23 | 2.5.24 | 2.5.25 | 2.5.26 | 2.5.27 | 2.5.28 | 2.5.29 | 2.5.30 | 2.5.31 | 2.5.32 | 2.5.33 | 2.5.34 | 2.5.35 | 2.5.36 | 2.5.37 | 2.5.38 | 2.5.39 | 2.5.40 | 2.5.41 | 2.5.42 | 2.5.43 | 2.5.44 | 2.5.45 | 2.5.46 | 2.5.47 | 2.5.48 | 2.5.49 | 2.5.50 | 2.5.51 | 2.5.52 | 2.5.53 | 2.5.54 | 2.5.55 | 2.5.56 | 2.5.57 | 2.5.58 | 2.5.59 | 2.5.60 | 2.5.61 | 2.5.62 | 2.5.63 | 2.5.64 | 2.5.65 | 2.5.66 | 2.5.67 | 2.5.68 | 2.5.69 | 2.6.0 | 2.6.0:test1 | 2.6.0:test10 | 2.6.0:test11 | 2.6.0:test2 | 2.6.0:test3 | 2.6.0:test4 | 2.6.0:test5 | 2.6.0:test6 | 2.6.0:test7 | 2.6.0:test8 | 2.6.0:test9 | 2.6.1 | 2.6.1:rc1 | 2.6.1:rc2 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.6:rc1 | 2.6.7 | 2.6.7:rc1 | 2.6.8 | 2.6.8:rc1 | 2.6.8:rc2 | 2.6.8:rc3 | 2.6.9:2.6.20 | 2.6.10 | 2.6.10:rc2 | 2.6.11 | 2.6.11:rc2 | 2.6.11:rc3 | 2.6.11:rc4 | 2.6.11.5 | 2.6.11.6 | 2.6_test9_cvs

References (5)

• http://linux.bkbits.net:8080/linux-2.6/cset%40421cfc11zFsK9gxvSJ2t__FCmuUd3Q
• http://lkml.org/lkml/2005/2/22/123
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10037
• http://www.redhat.com/support/errata/RHSA-2005-420.html
• http://www.securityfocus.com/archive/1/427980/100/0/threaded