CVE-2005-1768
Vulnerability Summary
Timeline
Description
Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.
CVSS Metrics
- v2.0•LOW•Score: 3.7AV:L/AC:H/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 0.10%• Percentile: 28%
Affected Systems
- linux•linux_kernel
2.4.0 | 2.4.0:test1 | 2.4.0:test10 | 2.4.0:test11 | 2.4.0:test12 | 2.4.0:test2 | 2.4.0:test3 | 2.4.0:test4 | 2.4.0:test5 | 2.4.0:test6 | 2.4.0:test7 | 2.4.0:test8 | 2.4.0:test9 | 2.4.1 | 2.4.2 | 2.4.3 | 2.4.10 | 2.4.11 | 2.4.12 | 2.4.13 | 2.4.14 | 2.4.15 | 2.4.16 | 2.4.17 | 2.4.18 | 2.4.18:pre1 | 2.4.18:pre2 | 2.4.18:pre3 | 2.4.18:pre4 | 2.4.18:pre5 | 2.4.18:pre6 | 2.4.18:pre7 | 2.4.18:pre8 | 2.4.19 | 2.4.19:pre1 | 2.4.19:pre2 | 2.4.19:pre3 | 2.4.19:pre4 | 2.4.19:pre5 | 2.4.19:pre6 | 2.4.20 | 2.4.21 | 2.4.21:pre1 | 2.4.21:pre4 | 2.4.21:pre7 | 2.4.22 | 2.4.22:pre10 | 2.4.23 | 2.4.23:pre9 | 2.4.23_ow2 | 2.4.24 | 2.4.24_ow1 | 2.4.25 | 2.4.26 | 2.4.27 | 2.4.27:pre1 | 2.4.27:pre2 | 2.4.27:pre3 | 2.4.27:pre4 | 2.4.27:pre5 | 2.4.28 | 2.4.29 | 2.4.29:rc1 | 2.4.29:rc2 | 2.4.30 | 2.4.30:rc2 | 2.4.30:rc3 | 2.4.31:pre1 | 2.6.0 | 2.6.0:test1 | 2.6.0:test10 | 2.6.0:test11 | 2.6.0:test2 | 2.6.0:test3 | 2.6.0:test4 | 2.6.0:test5 | 2.6.0:test6 | 2.6.0:test7 | 2.6.0:test8 | 2.6.0:test9 | 2.6.1 | 2.6.1:rc1 | 2.6.1:rc2 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.6:rc1 | 2.6.10 | 2.6_test9_cvs
References (16)
- http://marc.info/?l=bugtraq&m=112110120216116&w=2
- http://secunia.com/advisories/15980
- http://securitytracker.com/id?1014442
- http://secunia.com/advisories/18059
- http://secunia.com/advisories/19185
- http://secunia.com/advisories/19607
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11117
- http://www.debian.org/security/2005/dsa-921
- http://www.redhat.com/support/errata/RHSA-2005-551.html
- http://secunia.com/advisories/17002
- http://www.securityfocus.com/bid/14205
- http://www.suresec.org/advisories/adv4.pdf
- ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
- http://www.novell.com/linux/security/advisories/2005_44_kernel.html
- http://www.redhat.com/support/errata/RHSA-2005-663.html
- http://www.vupen.com/english/advisories/2005/1878