CVE-2005-1913

The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1
http://secunia.com/advisories/15786/	Patch Vendor Advisory
http://www.securityfocus.com/bid/14054	Patch
http://www.ubuntu.com/usn/usn-178-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/21138
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1
http://secunia.com/advisories/15786/	Patch Vendor Advisory
http://www.securityfocus.com/bid/14054	Patch
http://www.ubuntu.com/usn/usn-178-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/21138

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.0:test1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test10::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test11::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test5::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test6::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test7::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test8::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test9::::::
	cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.6:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.7:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.8:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.8:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.8:rc3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20::::::
	cpe:2.3:o:linux:linux_kernel:2.6.10:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.10:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.11:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.11:rc3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.11:rc4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.11.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.11:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:::::::*

History

20 Nov 2024, 23:58

Type	Values Removed	Values Added
References	~~() http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1 -~~	() http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1 -
References	~~() http://secunia.com/advisories/15786/ - Patch, Vendor Advisory~~	() http://secunia.com/advisories/15786/ - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/14054 - Patch~~	() http://www.securityfocus.com/bid/14054 - Patch
References	~~() http://www.ubuntu.com/usn/usn-178-1 -~~	() http://www.ubuntu.com/usn/usn-178-1 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/21138 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/21138 -

Information

Published : 2005-09-14 19:03

Updated : 2024-11-20 23:58

NVD link : CVE-2005-1913

Mitre link : CVE-2005-1913

CVE.ORG link : CVE-2005-1913

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

2.1 /10