Vulnerability CVE-2005-0003


Published: 2005-04-14   Modified: 2012-02-12

Description:
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

Vendor: Avaya
Product: S8710 
Version: r2.0.1; r2.0.0;
Product: S8300 
Version: r2.0.1; r2.0.0;
Product: S8500 
Version: r2.0.1; r2.0.0;
Product: S8700 
Version: r2.0.1; r2.0.0;
Product: Modular messaging message storage server 
Version: 2.0; 1.1;
Product: Converged communications server 
Version: 2.0;
Product: Intuity audix 
Product: Network routing 
Product: Mn100 
Vendor: Mandrakesoft
Product: Mandrake linux 
Version:
9.2
10.1
10.0
Product: Mandrake multi network firewall 
Version: 8.2;
Product: Mandrake linux corporate server 
Version: 3.0; 2.1;
Vendor: Redhat
Product: Enterprise linux desktop 
Version: 3.0;
Product: Enterprise linux 
Version: 3.0;
Vendor: Linux
Product: Linux kernel 
Version:
2.4.9
2.4.8
2.4.7
2.4.6
2.4.5
2.4.4
2.4.3
2.4.29
2.4.28
2.4.27
2.4.26
2.4.25
2.4.24_ow1
2.4.24
2.4.23_ow2
2.4.23
2.4.22
2.4.21
2.4.20
2.4.2
2.4.19
2.4.18
2.4.17
2.4.16
2.4.15
2.4.14
2.4.13
2.4.12
2.4.11
2.4.10
2.4.1
2.4.0

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://linux.bkbits.net:8080/linux-2.4/cset@41c36fb6q1Z68WUzKQFjJR-40Ev3tw
http://linux.bkbits.net:8080/linux-2.6/cset@41a6721cce-LoPqkzKXudYby_3TUmg
http://securitytracker.com/id?1012885
http://www.debian.org/security/2006/dsa-1067
http://www.debian.org/security/2006/dsa-1069
http://www.debian.org/security/2006/dsa-1070
http://www.debian.org/security/2006/dsa-1082
http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
http://www.novell.com/linux/security/advisories/2005_18_kernel.html
http://www.redhat.com/support/errata/RHSA-2005-017.html
http://www.redhat.com/support/errata/RHSA-2005-043.html
http://www.securityfocus.com/bid/12261
http://www.trustix.org/errata/2005/0001/
https://exchange.xforce.ibmcloud.com/vulnerabilities/18886
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512

Related CVE
CVE-2019-17351
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, ak...
CVE-2019-17133
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
CVE-2019-17075
An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a D...
CVE-2019-17056
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
CVE-2019-17055
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
CVE-2019-17054
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
CVE-2019-17053
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
CVE-2019-17052
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

Copyright 2019, cxsecurity.com

 

Back to Top