Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2553

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-2553
Last Modified 07 Mar 2011 09:24:40
Published 12 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2553

Summary

The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.20

  • Linux Kernel 2.4.21

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.23 Ow2

  • Linux Kernel 2.4.24

  • Linux Kernel 2.4.24 Ow1

  • Linux Kernel 2.4.25

  • Linux Kernel 2.4.26

  • Linux Kernel 2.4.27

  • Linux Kernel 2.4.28

  • Linux Kernel 2.4.29

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.4

  • Linux Kernel 2.4.5

  • Linux Kernel 2.4.6

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9


References

VUPEN - ADV-2005-1878

CONFIRM - http://lkml.org/lkml/2005/1/5/245

CONFIRM - http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA

MANDRIVA - MDKSA-2006:044

BID - 14965

FEDORA - FLSA:157459-2

REDHAT - RHSA-2005:663

DEBIAN - DSA-921

SECUNIA - 19038

SECUNIA - 18977

SECUNIA - 18059

SECUNIA - 17002

SUSE - SUSE-SA:2006:012


Last Updated: 27 May 2016 10:40:34