Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0001

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2005-0001
Last Modified 21 Aug 2010 12:25:19
Published 02 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2005-0001

Summary

Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.

Vulnerable Systems

Operating System

  • Linux Kernel 2.2.7

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.20

  • Linux Kernel 2.4.21

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.24

  • Linux Kernel 2.4.25

  • Linux Kernel 2.4.26

  • Linux Kernel 2.4.27

  • Linux Kernel 2.4.28

  • Linux Kernel 2.4.29

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.4

  • Linux Kernel 2.4.5

  • Linux Kernel 2.4.6

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.9

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux 4.0

  • Redhat Enterprise Linux Desktop 3.0

  • Redhat Enterprise Linux Desktop 4.0

  • Trustix Secure Linux 2

  • Trustix Secure Linux 2.1

  • Trustix Secure Linux 2.2


References

FEDORA - FLSA:2336

XF - linux-fault-handler-gain-privileges(18849)

TRUSTIX - 2005-0001

BID - 12244

REDHAT - RHSA-2005:092

REDHAT - RHSA-2005:043

REDHAT - RHSA-2005:017

REDHAT - RHSA-2005:016

DEBIAN - DSA-1082

DEBIAN - DSA-1070

DEBIAN - DSA-1069

DEBIAN - DSA-1067

SECTRACK - 1012862

SECUNIA - 20338

SECUNIA - 20202

SECUNIA - 20163

SECUNIA - 13822

BUGTRAQ - 20050114 [USN-60-0] Linux kernel vulnerabilities

BUGTRAQ - 20050112 Linux kernel i386 SMP page fault handler privilege escalation

MISC - http://isec.pl/vulnerabilities/isec-0022-pagefault.txt

CONECTIVA - CLA-2005:930

MANDRAKE - MDKSA-2005:022


Last Updated: 27 May 2016 10:39:38