Published: 11/07/2005 Updated: 11/10/2017

CVSS v2 Base Score: 3.7 | Impact Score: 6.4 | Exploitability Score: 1.9

VMScore: 329

Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P

Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 prior to 2.4.31 and 2.6 prior to 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.4.0
linux linux kernel 2.4.15
linux linux kernel 2.4.16
linux linux kernel 2.4.18
linux linux kernel 2.4.19
linux linux kernel 2.4.21
linux linux kernel 2.4.22
linux linux kernel 2.4.1
linux linux kernel 2.4.10
linux linux kernel 2.4.17
linux linux kernel 2.4.2
linux linux kernel 2.4.23
linux linux kernel 2.4.27
linux linux kernel 2.4.29
linux linux kernel 2.4.3
linux linux kernel 2.6.0
linux linux kernel 2.6.1
linux linux kernel 2.6.5
linux linux kernel 2.6.6
linux linux kernel 2.4.13
linux linux kernel 2.4.14
linux linux kernel 2.4.24
linux linux kernel 2.4.24_ow1
linux linux kernel 2.4.25
linux linux kernel 2.4.28
linux linux kernel 2.4.30
linux linux kernel 2.4.31
linux linux kernel 2.6.10
linux linux kernel 2.6.2
linux linux kernel 2.4.11
linux linux kernel 2.4.12
linux linux kernel 2.4.20
linux linux kernel 2.4.23_ow2
linux linux kernel 2.6_test9_cvs
linux linux kernel 2.4.26
linux linux kernel 2.6.3
linux linux kernel 2.6.4

Synopsis Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6 Type/Severity Security Advisory: Important Topic Updated kernel packages are now available as part of ongoing support andmaintenance of Red Hat Enterprise Linux version 3 This is the sixthregular updateThis security adviso ...

Synopsis kernel security update Type/Severity Security Advisory: Important Topic Updated kernel packages are now available to correct security issues andbugs for Red Hat Enterprise Linux version 21 (Itanium)This update has been rated as having important security impact by theRed Hat Security Response Team ...

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-0756 Alexander Nyberg discovered that the ptrace() system call does not properly verify addre ...

NVD-CWE-Other http://www.suresec.org/advisories/adv4.pdf http://www.novell.com/linux/security/advisories/2005_44_kernel.html http://www.securityfocus.com/bid/14205 http://www.debian.org/security/2005/dsa-921 http://secunia.com/advisories/18059 http://securitytracker.com/id?1014442 http://secunia.com/advisories/15980 http://www.redhat.com/support/errata/RHSA-2005-551.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://secunia.com/advisories/17002 http://secunia.com/advisories/19185 ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U http://secunia.com/advisories/19607 http://www.vupen.com/english/advisories/2005/1878 http://marc.info/?l=bugtraq&m=112110120216116&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11117 https://access.redhat.com/errata/RHSA-2005:663 https://nvd.nist.gov https://www.debian.org/security/./dsa-921

CVE-2005-1768

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect