The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 00:01
Type | Values Removed | Values Added |
---|---|---|
References | () http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 - Broken Link | |
References | () http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA - Broken Link | |
References | () http://secunia.com/advisories/17114 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/17280 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/17364 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/17826 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/17917 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/19374 - Broken Link, Vendor Advisory | |
References | () http://www.debian.org/security/2006/dsa-1017 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 - Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2005-808.html - Broken Link | |
References | () http://www.securityfocus.com/advisories/9549 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/advisories/9806 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/15076 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/usn-199-1 - Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 - Broken Link |
26 Jan 2024, 18:56
Type | Values Removed | Values Added |
---|---|---|
References | (UBUNTU) http://www.ubuntu.com/usn/usn-199-1 - Third Party Advisory | |
References | (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/17114 - Broken Link, Vendor Advisory | |
References | (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 - Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2006/dsa-1017 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/17364 - Broken Link, Vendor Advisory | |
References | (MISC) http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 - Broken Link | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 - Third Party Advisory | |
References | (SUSE) http://www.securityfocus.com/advisories/9806 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/17280 - Broken Link, Vendor Advisory | |
References | (SECUNIA) http://secunia.com/advisories/17826 - Broken Link, Vendor Advisory | |
References | (SECUNIA) http://secunia.com/advisories/19374 - Broken Link, Vendor Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467 - Broken Link | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2005-808.html - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/17917 - Broken Link, Vendor Advisory | |
References | (MISC) http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/15076 - Broken Link, Third Party Advisory, VDB Entry | |
References | (FEDORA) http://www.securityfocus.com/advisories/9549 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MANDRAKE) http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 - Third Party Advisory | |
References | (FEDORA) http://www.securityfocus.com/archive/1/427980/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
First Time |
Canonical
Debian Mandriva Mandriva linux Debian debian Linux Canonical ubuntu Linux |
|
CWE | CWE-401 | |
CPE | cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:* cpe:2.3:o:mandriva:linux:10.1:*:*:*:*:*:*:* cpe:2.3:o:mandriva:linux:10.2:*:*:*:*:*:*:* cpe:2.3:o:mandriva:linux:2006.0:*:*:*:*:*:*:* |
Information
Published : 2005-10-12 13:04
Updated : 2024-11-21 00:01
NVD link : CVE-2005-3181
Mitre link : CVE-2005-3181
CVE.ORG link : CVE-2005-3181
JSON object : View
Products Affected
mandriva
- linux
canonical
- ubuntu_linux
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-401
Missing Release of Memory after Effective Lifetime