CVE-2005-2490
Advisory lineage Upstream: 0 Downstream: 3
Downstream
Modified
Published: 14 Sept 2005, 04:00
Last modified:07 Aug 2024, 22:30
Vulnerability Summary
Overall Risk (default)
low
18/100 CVSS Score
4.6 MEDIUM
v2.0 (nvd)
EPSS Score
0.19% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
14 Sept 2005, 04:00
Published
Vulnerability first disclosed
07 Aug 2024, 22:30
Last Modified
Vulnerability information updated
Description
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
CVSS Metrics
- v2.0•MEDIUM•Score: 4.6AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 0.19%• Percentile: 40%
Affected Systems
- linux•linux_kernel
2.6.0 | 2.6.0:test1 | 2.6.0:test10 | 2.6.0:test11 | 2.6.0:test2 | 2.6.0:test3 | 2.6.0:test4 | 2.6.0:test5 | 2.6.0:test6 | 2.6.0:test7 | 2.6.0:test8 | 2.6.0:test9 | 2.6.1 | 2.6.1:rc1 | 2.6.1:rc2 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.6:rc1 | 2.6.7 | 2.6.7:rc1 | 2.6.8 | 2.6.8:rc1 | 2.6.8:rc2 | 2.6.8:rc3 | 2.6.9:2.6.20 | 2.6.10 | 2.6.10:rc2 | 2.6.11 | 2.6.11:rc2 | 2.6.11:rc3 | 2.6.11:rc4 | 2.6.11.5 | 2.6.11.6 | 2.6.11.7 | 2.6.11.8 | 2.6.11.11 | 2.6.12:rc1 | 2.6.12:rc4 | 2.6_test9_cvs
References (24)
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
- http://secunia.com/advisories/17073
- http://www.securityfocus.com/archive/1/419522/100/0/threaded
- http://www.securityfocus.com/archive/1/428058/100/0/threaded
- http://www.ubuntu.com/usn/usn-178-1
- http://marc.info/?l=bugtraq&m=112690609622266&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10481
- http://www.securityfocus.com/archive/1/428028/100/0/threaded
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1
- http://www.redhat.com/support/errata/RHSA-2005-514.html
- http://secunia.com/advisories/17002
- http://secunia.com/advisories/17826
- http://www.securityfocus.com/bid/14785
- http://secunia.com/advisories/17918
- http://www.securityfocus.com/archive/1/427980/100/0/threaded
- http://www.redhat.com/support/errata/RHSA-2005-663.html
- http://secunia.com/advisories/16747/
- http://www.debian.org/security/2006/dsa-1017
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
- http://www.vupen.com/english/advisories/2005/1878
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22217
- http://secunia.com/advisories/19374