Vulnerabilities > CVE-2005-0210 - Resource Management Errors vulnerability in Linux Kernel 2.6.8.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_SA_2005_018.NASL description The remote host is missing the patch for the advisory SUSE-SA:2005:018 (kernel). The Linux kernel is the core component of the Linux system. Several vulnerabilities were reported in the last few weeks which are fixed by this update. last seen 2020-06-01 modified 2020-06-02 plugin id 17617 published 2005-03-25 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17617 title SUSE-SA:2005:018: kernel code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:018 # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(17617); script_version ("1.12"); script_cve_id("CVE-2004-0814", "CVE-2004-1333", "CVE-2005-0003", "CVE-2005-0209", "CVE-2005-0210", "CVE-2005-0384", "CVE-2005-0449", "CVE-2005-0504", "CVE-2005-0529", "CVE-2005-0530", "CVE-2005-0532"); name["english"] = "SUSE-SA:2005:018: kernel"; script_name(english:name["english"]); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a vendor-supplied security patch" ); script_set_attribute(attribute:"description", value: "The remote host is missing the patch for the advisory SUSE-SA:2005:018 (kernel). The Linux kernel is the core component of the Linux system. Several vulnerabilities were reported in the last few weeks which are fixed by this update." ); script_set_attribute(attribute:"solution", value: "http://www.suse.de/security/advisories/2005_18_kernel.html" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(20, 119, 399); script_set_attribute(attribute:"plugin_publication_date", value: "2005/03/25"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_end_attributes(); summary["english"] = "Check for the version of the kernel package"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); family["english"] = "SuSE Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/SuSE/rpm-list"); exit(0); } include("rpm.inc"); if ( rpm_check( reference:"k_athlon-2.4.20-131", release:"SUSE8.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_deflt-2.4.20-131", release:"SUSE8.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_psmp-2.4.20-131", release:"SUSE8.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_smp-2.4.20-131", release:"SUSE8.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-source-2.4.20.SuSE-131", release:"SUSE8.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"Intel-536ep-4.62-23", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"Intel-v92ham-4.53-23", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_athlon-2.4.21-280", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_deflt-2.4.21-280", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_smp-2.4.21-280", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_smp4G-2.4.21-280", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"k_um-2.4.21-280", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-source-2.4.21-280", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"ltmodem-8.26a-212", release:"SUSE9.0") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-bigsmp-2.6.5-7.151", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-default-2.6.5-7.151", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-smp-2.6.5-7.151", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-source-2.6.5-7.151", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-syms-2.6.5-7.151", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"ltmodem-2.6.2-38.14", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-docs-2.6.5-7.151", release:"SUSE9.1") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"Intel-536ep-4.69-5.6", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-bigsmp-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-bigsmp-nongpl-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-default-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-default-nongpl-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-smp-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-smp-nongpl-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-source-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-syms-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-um-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-um-nongpl-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"ltmodem-8.31a8-6.6", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"um-host-install-initrd-1.0-48.6", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"um-host-kernel-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"kernel-docs-2.6.8-24.13", release:"SUSE9.2") ) { security_hole(0); exit(0); } if (rpm_exists(rpm:"kernel-", release:"SUSE8.2") || rpm_exists(rpm:"kernel-", release:"SUSE9.0") || rpm_exists(rpm:"kernel-", release:"SUSE9.1") || rpm_exists(rpm:"kernel-", release:"SUSE9.2") ) { set_kb_item(name:"CVE-2004-0814", value:TRUE); set_kb_item(name:"CVE-2004-1333", value:TRUE); set_kb_item(name:"CVE-2005-0003", value:TRUE); set_kb_item(name:"CVE-2005-0209", value:TRUE); set_kb_item(name:"CVE-2005-0210", value:TRUE); set_kb_item(name:"CVE-2005-0384", value:TRUE); set_kb_item(name:"CVE-2005-0449", value:TRUE); set_kb_item(name:"CVE-2005-0504", value:TRUE); set_kb_item(name:"CVE-2005-0529", value:TRUE); set_kb_item(name:"CVE-2005-0530", value:TRUE); set_kb_item(name:"CVE-2005-0532", value:TRUE); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-366.NASL description Updated kernel packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 9 August 2005] The advisory text has been updated to show that this update fixed the security issue named CVE-2005-0210 but not CVE-2005-0209. The issue CVE-2005-0209 was actually fixed by RHSA-2005:420. No changes have been made to the packages associated with this advisory. The Linux kernel handles the basic functions of the operating system. A flaw in the fib_seq_start function was discovered. A local user could use this flaw to cause a denial of service (system crash) via /proc/net/route. (CVE-2005-1041) A flaw in the tmpfs file system was discovered. A local user could use this flaw to cause a denial of service (system crash). (CVE-2005-0977) An integer overflow flaw was found when writing to a sysfs file. A local user could use this flaw to overwrite kernel memory, causing a denial of service (system crash) or arbitrary code execution. (CVE-2005-0867) Keith Owens reported a flaw in the Itanium unw_unwind_to_user function. A local user could use this flaw to cause a denial of service (system crash) on Itanium architectures. (CVE-2005-0135) A flaw in the NFS client O_DIRECT error case handling was discovered. A local user could use this flaw to cause a denial of service (system crash). (CVE-2005-0207) A small memory leak when defragmenting local packets was discovered that affected the Linux 2.6 kernel netfilter subsystem. A local user could send a large number of carefully crafted fragments leading to memory exhaustion (CVE-2005-0210) A flaw was discovered in the Linux PPP driver. On systems allowing remote users to connect to a server using ppp, a remote client could cause a denial of service (system crash). (CVE-2005-0384) A flaw was discovered in the ext2 file system code. When a new directory is created, the ext2 block written to disk is not initialized, which could lead to an information leak if a disk image is made available to unprivileged users. (CVE-2005-0400) A flaw in fragment queuing was discovered that affected the Linux kernel netfilter subsystem. On systems configured to filter or process network packets (e.g. firewalling), a remote attacker could send a carefully crafted set of fragmented packets to a machine and cause a denial of service (system crash). In order to sucessfully exploit this flaw, the attacker would need to know or guess some aspects of the firewall ruleset on the target system. (CVE-2005-0449) A number of flaws were found in the Linux 2.6 kernel. A local user could use these flaws to read kernel memory or cause a denial of service (crash). (CVE-2005-0529, CVE-2005-0530, CVE-2005-0531) An integer overflow in sys_epoll_wait in eventpoll.c was discovered. A local user could use this flaw to overwrite low kernel memory. This memory is usually unused, not usually resulting in a security consequence. (CVE-2005-0736) A flaw when freeing a pointer in load_elf_library was discovered. A local user could potentially use this flaw to cause a denial of service (crash). (CVE-2005-0749) A flaw was discovered in the bluetooth driver system. On systems where the bluetooth modules are loaded, a local user could use this flaw to gain elevated (root) privileges. (CVE-2005-0750) A race condition was discovered that affected the Radeon DRI driver. A local user who has DRI privileges on a Radeon graphics card may be able to use this flaw to gain root privileges. (CVE-2005-0767) Multiple range checking flaws were discovered in the iso9660 file system handler. An attacker could create a malicious file system image which would cause a denial or service or potentially execute arbitrary code if mounted. (CVE-2005-0815) A flaw was discovered when setting line discipline on a serial tty. A local user may be able to use this flaw to inject mouse movements or keystrokes when another user is logged in. (CVE-2005-0839) Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Please note that last seen 2020-06-01 modified 2020-06-02 plugin id 18095 published 2005-04-19 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18095 title RHEL 4 : kernel (RHSA-2005:366) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-95-1.NASL description A remote Denial of Service vulnerability was discovered in the Netfilter IP packet handler. This allowed a remote attacker to crash the machine by sending specially crafted IP packet fragments. (CAN-2005-0209) The Netfilter code also contained a memory leak. Certain locally generated packet fragments are reassembled twice, which caused a double allocation of a data structure. This could be locally exploited to crash the machine due to kernel memory exhaustion. (CAN-2005-0210) Ben Martel and Stephen Blackheath found a remote Denial of Service vulnerability in the PPP driver. This allowed a malicious pppd client to crash the server machine. (CAN-2005-0384) Georgi Guninski discovered a buffer overflow in the ATM driver. The atm_get_addr() function does not validate its arguments sufficiently, which could allow a local attacker to overwrite large portions of kernel memory by supplying a negative length argument. This could eventually lead to arbitrary code execution. (CAN-2005-0531) Georgi Guninski also discovered three other integer comparison problems in the TTY layer, in the /proc interface and the ReiserFS driver. However, the previous Ubuntu security update (kernel version 2.6.8.1-16.11) already contained a patch which checks the arguments to these functions at a higher level and thus prevents these flaws from being exploited. (CAN-2005-0529, CAN-2005-0530, CAN-2005-0532) Georgi Guninski discovered an integer overflow in the sys_epoll_wait() function which allowed local users to overwrite the first few kB of physical memory. However, very few applications actually use this space (dosemu is a notable exception), but potentially this could lead to privilege escalation. (CAN-2005-0736) Eric Anholt discovered a race condition in the Radeon DRI driver. In some cases this allowed a local user with DRI privileges on a Radeon card to execute arbitrary code with root privileges. Finally this update fixes a regression in the NFS server driver which was introduced in the previous security update (kernel version 2.6.8.1-16.11). We apologize for the inconvenience. (https://bugzilla.ubuntulinux.org/show_bug.cgi?id=6749) Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 20721 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20721 title Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-95-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-366.NASL description Updated kernel packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 9 August 2005] The advisory text has been updated to show that this update fixed the security issue named CVE-2005-0210 but not CVE-2005-0209. The issue CVE-2005-0209 was actually fixed by RHSA-2005:420. No changes have been made to the packages associated with this advisory. The Linux kernel handles the basic functions of the operating system. A flaw in the fib_seq_start function was discovered. A local user could use this flaw to cause a denial of service (system crash) via /proc/net/route. (CVE-2005-1041) A flaw in the tmpfs file system was discovered. A local user could use this flaw to cause a denial of service (system crash). (CVE-2005-0977) An integer overflow flaw was found when writing to a sysfs file. A local user could use this flaw to overwrite kernel memory, causing a denial of service (system crash) or arbitrary code execution. (CVE-2005-0867) Keith Owens reported a flaw in the Itanium unw_unwind_to_user function. A local user could use this flaw to cause a denial of service (system crash) on Itanium architectures. (CVE-2005-0135) A flaw in the NFS client O_DIRECT error case handling was discovered. A local user could use this flaw to cause a denial of service (system crash). (CVE-2005-0207) A small memory leak when defragmenting local packets was discovered that affected the Linux 2.6 kernel netfilter subsystem. A local user could send a large number of carefully crafted fragments leading to memory exhaustion (CVE-2005-0210) A flaw was discovered in the Linux PPP driver. On systems allowing remote users to connect to a server using ppp, a remote client could cause a denial of service (system crash). (CVE-2005-0384) A flaw was discovered in the ext2 file system code. When a new directory is created, the ext2 block written to disk is not initialized, which could lead to an information leak if a disk image is made available to unprivileged users. (CVE-2005-0400) A flaw in fragment queuing was discovered that affected the Linux kernel netfilter subsystem. On systems configured to filter or process network packets (e.g. firewalling), a remote attacker could send a carefully crafted set of fragmented packets to a machine and cause a denial of service (system crash). In order to sucessfully exploit this flaw, the attacker would need to know or guess some aspects of the firewall ruleset on the target system. (CVE-2005-0449) A number of flaws were found in the Linux 2.6 kernel. A local user could use these flaws to read kernel memory or cause a denial of service (crash). (CVE-2005-0529, CVE-2005-0530, CVE-2005-0531) An integer overflow in sys_epoll_wait in eventpoll.c was discovered. A local user could use this flaw to overwrite low kernel memory. This memory is usually unused, not usually resulting in a security consequence. (CVE-2005-0736) A flaw when freeing a pointer in load_elf_library was discovered. A local user could potentially use this flaw to cause a denial of service (crash). (CVE-2005-0749) A flaw was discovered in the bluetooth driver system. On systems where the bluetooth modules are loaded, a local user could use this flaw to gain elevated (root) privileges. (CVE-2005-0750) A race condition was discovered that affected the Radeon DRI driver. A local user who has DRI privileges on a Radeon graphics card may be able to use this flaw to gain root privileges. (CVE-2005-0767) Multiple range checking flaws were discovered in the iso9660 file system handler. An attacker could create a malicious file system image which would cause a denial or service or potentially execute arbitrary code if mounted. (CVE-2005-0815) A flaw was discovered when setting line discipline on a serial tty. A local user may be able to use this flaw to inject mouse movements or keystrokes when another user is logged in. (CVE-2005-0839) Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Please note that last seen 2020-06-01 modified 2020-06-02 plugin id 21928 published 2006-07-05 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21928 title CentOS 3 / 4 : kernel (CESA-2005:366) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-663.NASL description Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the sixth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. This is the sixth regular kernel update to Red Hat Enterprise Linux 3. New features introduced by this update include : - diskdump support on HP Smart Array devices - netconsole/netdump support over bonded interfaces - new chipset and device support via PCI table updates - support for new last seen 2020-06-01 modified 2020-06-02 plugin id 19832 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/19832 title RHEL 3 : kernel (RHSA-2005:663) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2005-663.NASL description Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the sixth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. This is the sixth regular kernel update to Red Hat Enterprise Linux 3. New features introduced by this update include : - diskdump support on HP Smart Array devices - netconsole/netdump support over bonded interfaces - new chipset and device support via PCI table updates - support for new last seen 2020-06-01 modified 2020-06-02 plugin id 21849 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21849 title CentOS 3 : kernel (CESA-2005:663) NASL family Fedora Local Security Checks NASL id FEDORA_2005-262.NASL description - Sun Mar 27 2005 Dave Jones <davej at redhat.com> - Catch up with all recent security issues. - CVE-2005-0210 : dst leak - CVE-2005-0384 : ppp dos - CVE-2005-0531 : Sign handling issues. - CVE-2005-0400 : EXT2 information leak. - CVE-2005-0449 : Remote oops. - CVE-2005-0736 : Epoll overflow - CVE-2005-0749 : ELF loader may kfree wrong memory. - CVE-2005-0750 : Missing range checking in bluetooth - CVE-2005-0767 : drm race in radeon - CVE-2005-0815 : Corrupt isofs images could cause oops. - Tue Mar 22 2005 Dave Jones <davej at redhat.com> - Fix swapped parameters to memset in ieee802.11 code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 18324 published 2005-05-19 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18324 title Fedora Core 2 : kernel-2.6.10-1.771_FC2 (2005-262) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-219.NASL description Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this update : An integer overflow in vc_resize (CVE-2004-1333). A race condition in the sysfs_read_file and sysfs_write_file functions in 2.6.10 and earlier allows local users to read kernel memory and cause a DoS (crash) via large offsets in sysfs files (CVE-2004-2302). An integer signedness error in scsi_ioctl.c (CVE-2005-0180). Netfilter allows a local user to cause a DoS (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice (CVE-2005-0210). A DoS in pkt_ioctl in pktcdvc.c (CVE-2005-1589). An array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c allows local users to cause a DoS (oops or deadlock) and possibly execute arbitrary code (CVE-2005-2456). The zisofs driver in versions prior to 2.6.12.5 allows local users and remove attackers to cause a DoS (crash) via a crafted compressed ISO filesystem (CVE-2005-2457). inflate.c in the zlib routines in versions prior to 2.6.12.5 allow remove attackers to cause a DoS (crash) via a compressed file with last seen 2020-06-01 modified 2020-06-02 plugin id 20450 published 2006-01-15 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20450 title Mandrake Linux Security Advisory : kernel (MDKSA-2005:219) NASL family Fedora Local Security Checks NASL id FEDORA_2005-313.NASL description This update rebases the kernel to the latest upstream stable release, which fixes a number of security issues. Notably : - CVE-2005-0210 : dst leak - CVE-2005-0384 : ppp dos - CVE-2005-0531 : Sign handling issues. - CVE-2005-0400 : EXT2 information leak. - CVE-2005-0449 : Remote oops. - CVE-2005-0736 : Epoll overflow - CVE-2005-0749 : ELF loader may kfree wrong memory. - CVE-2005-0750 : Missing range checking in bluetooth - CVE-2005-0767 : drm race in radeon - CVE-2005-0815 : Corrupt isofs images could cause oops Additionally, a large number of improvements have come from the 2.6.10 -> 2.6.11 transition. This update requires you are running the latest udev package, and also (if you are using SELinux) the latest selinux policy packages. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 19648 published 2005-09-12 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19648 title Fedora Core 3 : kernel-2.6.11-1.14_FC3 (2005-313)
Oval
| accepted | 2013-04-29T04:04:14.164-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:10275 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||||||||||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||||||
| rpms |
|
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000945
- http://marc.info/?l=bugtraq&m=111091402626556&w=2
- http://rhn.redhat.com/errata/RHSA-2005-366.html
- http://rhn.redhat.com/errata/RHSA-2005-663.html
- http://secunia.com/advisories/14295
- http://secunia.com/advisories/17002
- http://secunia.com/advisories/17826
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
- http://www.novell.com/linux/security/advisories/2005_18_kernel.html
- http://www.osvdb.org/14966
- http://www.securityfocus.com/bid/12816
- http://www.vupen.com/english/advisories/2005/1878
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10275