ID CVE-2005-3271
Summary Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 03-10-2018 - 21:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 15533
confirm http://linux.bkbits.net:8080/linux-2.6/cset@414b332fsZQvEUsfzKJIo-q2_ZH0hg
debian DSA-922
mandrake
  • MDKSA-2005:218
  • MDKSA-2005:219
mlist [linux-kernel] 20040911 [PATCH] exec: fix posix-timers leak and pending signal loss
secunia
  • 17826
  • 17917
  • 18056
suse SUSE-SA:2005:067
ubuntu USN-219-1
Last major update 03-10-2018 - 21:31
Published 21-10-2005 - 01:02
Last modified 03-10-2018 - 21:31
Back to Top