Back to search
CVE-2005-2456
Published: Aug 4, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SA:2005:050
vendor-advisory
x_refsource_SUSE
18056
third-party-advisory
x_refsource_SECUNIA
USN-169-1
vendor-advisory
x_refsource_UBUNTU
16500
third-party-advisory
x_refsource_SECUNIA
MDKSA-2005:220
vendor-advisory
x_refsource_MANDRAKE
17073
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10858
vdb-entry
signature
x_refsource_OVAL
18059
third-party-advisory
x_refsource_SECUNIA
DSA-922
vendor-advisory
x_refsource_DEBIAN
linux-kernel-xfrm-dos(21710)
vdb-entry
x_refsource_XF
14477
vdb-entry
x_refsource_BID
DSA-921
vendor-advisory
x_refsource_DEBIAN
RHSA-2005:514
vendor-advisory
x_refsource_REDHAT
17002
third-party-advisory
x_refsource_SECUNIA
17826
third-party-advisory
x_refsource_SECUNIA
16298
third-party-advisory
x_refsource_SECUNIA
FLSA:157459-3
vendor-advisory
x_refsource_FEDORA
RHSA-2005:663
vendor-advisory
x_refsource_REDHAT
MDKSA-2005:219
vendor-advisory
x_refsource_MANDRAKE
ADV-2005-1878
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now