Published: 14/09/2005 Updated: 19/10/2018

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 prior to 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.0
linux linux kernel 2.6.10
linux linux kernel 2.6.11
linux linux kernel 2.6.11.11
linux linux kernel 2.6.12
linux linux kernel 2.6.11.5
linux linux kernel 2.6.11.6
linux linux kernel 2.6.2
linux linux kernel 2.6.7
linux linux kernel 2.6.8
linux linux kernel 2.6.1
linux linux kernel 2.6.5
linux linux kernel 2.6.6
linux linux kernel 2.6.9
linux linux kernel 2.6_test9_cvs
linux linux kernel 2.6.11.7
linux linux kernel 2.6.11.8
linux linux kernel 2.6.3
linux linux kernel 2.6.4

Oleg Nesterov discovered a local Denial of Service vulnerability in the timer handling When a non group-leader thread called exec() to execute a different program while an itimer was pending, the timer expiry would signal the old group leader task, which did not exist any more This caused a kernel panic This vulnerability only affects Ubuntu 50 ...

Synopsis Updated kernel packages available for Red Hat Enterprise Linux 4 Update 2 Type/Severity Security Advisory: Important Topic Updated kernel packages are now available as part of ongoing supportand maintenance of Red Hat Enterprise Linux version 4 This is thesecond regular updateThis update has bee ...

Synopsis Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6 Type/Severity Security Advisory: Important Topic Updated kernel packages are now available as part of ongoing support andmaintenance of Red Hat Enterprise Linux version 3 This is the sixthregular updateThis security adviso ...

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-1017 Multiple overflows exist in the io_edgeport driver which might be usable as a denial of ...

NVD-CWE-Other https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1 http://www.ubuntu.com/usn/usn-178-1 http://www.securityfocus.com/bid/14785 http://secunia.com/advisories/16747/http://secunia.com/advisories/17918 http://www.redhat.com/support/errata/RHSA-2005-514.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.debian.org/security/2006/dsa-1017 http://secunia.com/advisories/17073 http://secunia.com/advisories/17826 http://secunia.com/advisories/19374 http://secunia.com/advisories/17002 http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 http://www.vupen.com/english/advisories/2005/1878 http://marc.info/?l=bugtraq&m=112690609622266&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 https://exchange.xforce.ibmcloud.com/vulnerabilities/22217 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10481 http://www.securityfocus.com/archive/1/428058/100/0/threaded http://www.securityfocus.com/archive/1/428028/100/0/threaded http://www.securityfocus.com/archive/1/427980/100/0/threaded http://www.securityfocus.com/archive/1/419522/100/0/threaded https://usn.ubuntu.com/178-1/https://nvd.nist.gov

CVE-2005-2490

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect