CVE-2005-2098 in Kernelinfo

Summary

The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

06/30/2005

Disclosure

08/23/2005

Moderation

VulDB entry created

Entries

VDB-1686 (1)

CPE

ready

CWE

CWE-401 (Confirmed)

CVSS

6.5

EPSS

0.03007

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-2098
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2098
CVE Details	https://www.cvedetails.com/cve/CVE-2005-2098/

◂ Previous Overview Next ▸