CVE-2005-1768 in Kernelinfo

Summary

Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/31/2005

Disclosure

07/11/2005

Moderation

VulDB entry created

Entries

VDB-1592 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

6.3

EPSS

0.00105

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-1768
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-1768
CVE Details	https://www.cvedetails.com/cve/CVE-2005-1768/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!