CVE-2005-2617
CVSS3.6
发布时间 :2005-08-17 00:00:00
修订时间 :2008-09-05 16:52:14
NMCOS    

[原文]The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers.


[CNNVD]Linux内核 'syscall32.c'内存泄露漏洞 (CNNVD-200508-167)

        在64位 x86平台上,Linux内核2.6.12及更高版本的syscall32.c中的syscall32_setup_pages函数不能检查insert_vm_struct函数的返回值。这使得本地用户可以借助于具有特殊ELF头文件的32位应用程序触发内存泄露。

- CVSS (基础分值)

CVSS分值: 3.6 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.6.12:rc1Linux Kernel 2.6.12 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12:rc4Linux Kernel 2.6.12 Release Candidate 4

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2617
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2617
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-167
(官方数据源) CNNVD

- 其它链接及资源

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9fb1759a3102c26cd8f64254a7c3e532782c2bb8
(VENDOR_ADVISORY)  CONFIRM  http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9fb1759a3102c26cd8f64254a7c3e532782c2bb8

- 漏洞信息

Linux内核 'syscall32.c'内存泄露漏洞
低危 其他
2005-08-17 00:00:00 2005-10-20 00:00:00
本地  
        在64位 x86平台上,Linux内核2.6.12及更高版本的syscall32.c中的syscall32_setup_pages函数不能检查insert_vm_struct函数的返回值。这使得本地用户可以借助于具有特殊ELF头文件的32位应用程序触发内存泄露。

- 公告与补丁

        暂无数据

- 漏洞信息

18959
Linux Kernel syscall32_setup_pages() Crafted ELF Header Local DoS
Denial of Service
Loss of Availability
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-08-17 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux Kernel 64 Bit ELF Header Processing Memory Leak Local Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 14661
No Yes
2005-08-25 12:00:00 2009-07-12 05:06:00
Discovery is credited to Suresh Siddha.

- 受影响的程序版本

Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
+ Red Hat Fedora Core4
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
+ S.u.S.E. Linux Enterprise Server 9
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc4

- 不受影响的程序版本

Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc4

- 漏洞讨论

A local denial of service vulnerability affects the Linux kernel's ELF header processing functionality on 64 bit x86 platforms.

A successful attack can allow a local attacker to trigger a denial of service condition in the kernel.

This issue may be related to BID 11846 (Linux Kernel 64 Bit ELF Header Local Denial Of Service Vulnerability). Due to a lack of information, this cannot be confirmed at the moment. This BID will be retired if further analysis reveals that the issues are identical.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

This issue has been addressed in Linux kernel version 2.6.13-rc4.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站