CVE-2005-3181

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
References
Link Resource
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA Broken Link
http://secunia.com/advisories/17114 Broken Link Vendor Advisory
http://secunia.com/advisories/17280 Broken Link Vendor Advisory
http://secunia.com/advisories/17364 Broken Link Vendor Advisory
http://secunia.com/advisories/17826 Broken Link Vendor Advisory
http://secunia.com/advisories/17917 Broken Link Vendor Advisory
http://secunia.com/advisories/19374 Broken Link Vendor Advisory
http://www.debian.org/security/2006/dsa-1017 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-808.html Broken Link
http://www.securityfocus.com/advisories/9549 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/advisories/9806 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/427980/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/15076 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-199-1 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 Broken Link
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA Broken Link
http://secunia.com/advisories/17114 Broken Link Vendor Advisory
http://secunia.com/advisories/17280 Broken Link Vendor Advisory
http://secunia.com/advisories/17364 Broken Link Vendor Advisory
http://secunia.com/advisories/17826 Broken Link Vendor Advisory
http://secunia.com/advisories/17917 Broken Link Vendor Advisory
http://secunia.com/advisories/19374 Broken Link Vendor Advisory
http://www.debian.org/security/2006/dsa-1017 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-808.html Broken Link
http://www.securityfocus.com/advisories/9549 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/advisories/9806 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/427980/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/15076 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-199-1 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:mandriva:linux:10.1:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:10.2:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2006.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:01

Type Values Removed Values Added
References () http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 - Broken Link () http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 - Broken Link
References () http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA - Broken Link () http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA - Broken Link
References () http://secunia.com/advisories/17114 - Broken Link, Vendor Advisory () http://secunia.com/advisories/17114 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/17280 - Broken Link, Vendor Advisory () http://secunia.com/advisories/17280 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/17364 - Broken Link, Vendor Advisory () http://secunia.com/advisories/17364 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/17826 - Broken Link, Vendor Advisory () http://secunia.com/advisories/17826 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/17917 - Broken Link, Vendor Advisory () http://secunia.com/advisories/17917 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/19374 - Broken Link, Vendor Advisory () http://secunia.com/advisories/19374 - Broken Link, Vendor Advisory
References () http://www.debian.org/security/2006/dsa-1017 - Third Party Advisory () http://www.debian.org/security/2006/dsa-1017 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 - Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 - Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 - Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 - Third Party Advisory
References () http://www.redhat.com/support/errata/RHSA-2005-808.html - Broken Link () http://www.redhat.com/support/errata/RHSA-2005-808.html - Broken Link
References () http://www.securityfocus.com/advisories/9549 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/advisories/9549 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/advisories/9806 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/advisories/9806 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/15076 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/15076 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/usn-199-1 - Third Party Advisory () http://www.ubuntu.com/usn/usn-199-1 - Third Party Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 - Broken Link

26 Jan 2024, 18:56

Type Values Removed Values Added
References (UBUNTU) http://www.ubuntu.com/usn/usn-199-1 - (UBUNTU) http://www.ubuntu.com/usn/usn-199-1 - Third Party Advisory
References (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 - (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/17114 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/17114 - Broken Link, Vendor Advisory
References (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 - (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 - Third Party Advisory
References (DEBIAN) http://www.debian.org/security/2006/dsa-1017 - (DEBIAN) http://www.debian.org/security/2006/dsa-1017 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/17364 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/17364 - Broken Link, Vendor Advisory
References (MISC) http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 - (MISC) http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 - Broken Link
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 - Third Party Advisory
References (SUSE) http://www.securityfocus.com/advisories/9806 - (SUSE) http://www.securityfocus.com/advisories/9806 - Broken Link, Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/17280 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/17280 - Broken Link, Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/17826 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/17826 - Broken Link, Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/19374 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/19374 - Broken Link, Vendor Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 - Broken Link
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-808.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-808.html - Broken Link
References (SECUNIA) http://secunia.com/advisories/17917 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/17917 - Broken Link, Vendor Advisory
References (MISC) http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA - (MISC) http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA - Broken Link
References (BID) http://www.securityfocus.com/bid/15076 - (BID) http://www.securityfocus.com/bid/15076 - Broken Link, Third Party Advisory, VDB Entry
References (FEDORA) http://www.securityfocus.com/advisories/9549 - (FEDORA) http://www.securityfocus.com/advisories/9549 - Broken Link, Third Party Advisory, VDB Entry
References (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Third Party Advisory
References (FEDORA) http://www.securityfocus.com/archive/1/427980/100/0/threaded - (FEDORA) http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
First Time Canonical
Debian
Mandriva
Mandriva linux
Debian debian Linux
Canonical ubuntu Linux
CWE CWE-399 CWE-401
CPE cpe:2.3:o:linux:linux_kernel:2.6.7:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:10.1:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:10.2:*:*:*:*:*:*:*
cpe:2.3:o:mandriva:linux:2006.0:*:*:*:*:*:*:*

Information

Published : 2005-10-12 13:04

Updated : 2024-11-21 00:01


NVD link : CVE-2005-3181

Mitre link : CVE-2005-3181

CVE.ORG link : CVE-2005-3181


JSON object : View

Products Affected

mandriva

  • linux

canonical

  • ubuntu_linux

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-401

Missing Release of Memory after Effective Lifetime