Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3356

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-3356
Last Modified 21 Aug 2010 12:33:44
Published 31 Dec 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3356

Summary

The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.9


References

SECUNIA - 18510

REDHAT - RHSA-2006:0101

UBUNTU - USN-244-1

BID - 16283

CONFIRM - http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7c7dce9209161eb260cdf9e9172f72c3a02379e6

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169130

XF - linux-double-decrement-dos(25302)

FEDORA - FLSA:157459-4

FEDORA - FLSA:157459-3

SUSE - SUSE-SA:2006:006

MANDRIVA - MDKSA-2006:040

DEBIAN - DSA-1017

SECUNIA - 19374

SECUNIA - 19038

SECUNIA - 18788

SECUNIA - 18527

SUSE - SUSE-SA:2006:012


Last Updated: 27 May 2016 10:40:54