Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2005-0001 | First vendor Publication | 2005-05-02 |
Vendor | Cve | Last vendor Modification | 2017-10-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0001 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10322 | |||
Oval ID: | oval:org.mitre.oval:def:10322 | ||
Title: | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. | ||
Description: | Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0001 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12914 | Linux Kernel Multiprocessor Page Fault Handler Race Condition Linux Kernel contains a flaw that may allow a malicious user to execute arbitrary code with root privileges on multi-processor systems. The issue is caused by the page fault handler and is triggered when two threads, which share the same virtual memory space, request a stack expansion simultaneously. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-60-0.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-092.nasl - Type : ACT_GATHER_INFO |
2005-02-03 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_003.nasl - Type : ACT_GATHER_INFO |
2005-01-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO |
2005-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-043.nasl - Type : ACT_GATHER_INFO |
2005-01-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-025.nasl - Type : ACT_GATHER_INFO |
2005-01-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-026.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:50 |
|
2024-02-01 12:01:38 |
|
2023-09-05 12:02:41 |
|
2023-09-05 01:01:29 |
|
2023-09-02 12:02:43 |
|
2023-09-02 01:01:29 |
|
2023-08-12 12:03:16 |
|
2023-08-12 01:01:30 |
|
2023-08-11 12:02:49 |
|
2023-08-11 01:01:31 |
|
2023-08-06 12:02:37 |
|
2023-08-06 01:01:30 |
|
2023-08-04 12:02:41 |
|
2023-08-04 01:01:31 |
|
2023-07-14 12:02:39 |
|
2023-07-14 01:01:31 |
|
2023-03-29 01:02:43 |
|
2023-03-28 12:01:36 |
|
2022-10-11 12:02:22 |
|
2022-10-11 01:01:23 |
|
2021-05-04 12:02:42 |
|
2021-04-22 01:02:54 |
|
2020-05-23 00:16:15 |
|
2017-10-11 09:23:26 |
|
2017-07-11 12:01:47 |
|
2016-10-18 12:01:33 |
|
2016-04-26 13:13:16 |
|
2014-02-17 10:29:36 |
|
2013-05-11 11:19:25 |
|