CVE-2005-1768

NameCVE-2005-1768
DescriptionRace condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-921-1
NVD severitylow (attack range: local)
Debian Bugs319629
Debian/oldoldstablenot known to be vulnerable.
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kernel-image-2.4.27-alphasourcesarge2.4.27-10sarge1lowDSA-921-1
kernel-image-2.4.27-armsourcesarge2.4.27-2sarge1lowDSA-921-1
kernel-image-2.4.27-i386sourcesarge2.4.27-10sarge1lowDSA-921-1
kernel-image-2.4.27-ia64sourcesarge2.4.27-10sarge1lowDSA-921-1
kernel-image-2.4.27-m68ksourcesarge2.4.27-3sarge1lowDSA-921-1
kernel-image-2.4.27-s390sourcesarge2.4.27-2sarge1lowDSA-921-1
kernel-image-2.4.27-sparcsourcesarge2.4.27-9sarge1lowDSA-921-1
kernel-patch-2.4.27-armsourcesarge2.4.27-1sarge1lowDSA-921-1
kernel-patch-2.4.27-mipssourcesarge2.4.27-10.sarge1.040815-1lowDSA-921-1
kernel-patch-powerpc-2.4.27sourcesarge2.4.27-10sarge1lowDSA-921-1
kernel-source-2.4.27source(unstable)2.4.27-11medium319629
kernel-source-2.4.27sourcesarge2.4.27-10sarge1lowDSA-921-1

Search for package or bug name: Reporting problems