Back to search
CVE-2005-1768
Published: Jul 11, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20050711 [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64)
mailing-list
x_refsource_BUGTRAQ
15980
third-party-advisory
x_refsource_SECUNIA
1014442
vdb-entry
x_refsource_SECTRACK
18059
third-party-advisory
x_refsource_SECUNIA
19185
third-party-advisory
x_refsource_SECUNIA
19607
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11117
vdb-entry
signature
x_refsource_OVAL
DSA-921
vendor-advisory
x_refsource_DEBIAN
RHSA-2005:551
vendor-advisory
x_refsource_REDHAT
17002
third-party-advisory
x_refsource_SECUNIA
14205
vdb-entry
x_refsource_BID
http://www.suresec.org/advisories/adv4.pdf
x_refsource_MISC
SUSE-SA:2005:044
vendor-advisory
x_refsource_SUSE
RHSA-2005:663
vendor-advisory
x_refsource_REDHAT
ADV-2005-1878
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now