| 1 |
Candidate: CVE-2005-2098
|
| 2 |
References:
|
| 3 |
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2098
|
| 4 |
Final-Decision:
|
| 5 |
Interim-Decision:
|
| 6 |
Modified:
|
| 7 |
Proposed:
|
| 8 |
Assigned: 20050630
|
| 9 |
Category: SF
|
| 10 |
CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5
|
| 11 |
UBUNTU:USN-169-1
|
| 12 |
URL:http://www.ubuntulinux.org/support/documentation/usn/usn-169-1
|
| 13 |
SECUNIA:16355
|
| 14 |
URL:http://secunia.com/advisories/16355/
|
| 15 |
Description:
|
| 16 |
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before
|
| 17 |
2.6.12.5 contains an error path that does not properly release the
|
| 18 |
session management semaphore, which allows local users or remote
|
| 19 |
attackers to cause a denial of service (semaphore hang) via a new
|
| 20 |
session keyring (1) with an empty name string, (2) with a long name
|
| 21 |
string, (3) with the key quota reached, or (4) ENOMEM.
|
| 22 |
upstream: released (2.6.12.5)
|
| 23 |
2.6.8-sarge-security: N/A
|
| 24 |
2.4.27-sid/sarge: N/A
|
| 25 |
2.4.27-sarge-security: N/A
|
| 26 |
linux-2.6: released (2.6.12-3) [linux-2.6.12.5.patch]
|
| 27 |
2.4.19-woody-security:
|
| 28 |
2.4.18-woody-security:
|
| 29 |
2.4.17-woody-security:
|
| 30 |
2.4.16-woody-security:
|
| 31 |
2.4.17-woody-security-hppa:
|
| 32 |
2.4.17-woody-security-ia64:
|
| 33 |
2.4.18-woody-security-hppa:
|
Parent Directory
| 
Revision Log