|
|
CVE Reference: CVE-2005-1768 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-1768 |
|
|
Description: Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: SUSE http://www.novell.com/linux/security/advisories/2005_44_kernel.html ST 1014442 SGI SAID Secunia Advisory: SA18059 Secunia Advisory: SA15980 Secunia Advisory: SA17002 Secunia Advisory: SA19185 Secunia Advisory: SA19607 REDHAT http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.redhat.com/support/errata/RHSA-2005-551.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11117 MISC http://www.suresec.org/advisories/adv4.pdf DEBIAN http://www.debian.org/security/2005/dsa-921 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=112110120216116&w=2 BID 14205 |
|
| Return to the previous page. |
