CVE-2005-0001

high

Description

Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10322

https://exchange.xforce.ibmcloud.com/vulnerabilities/18849

https://bugzilla.fedora.us/show_bug.cgi?id=2336

http://www.trustix.org/errata/2005/0001/

http://www.securityfocus.com/bid/12244

http://www.redhat.com/support/errata/RHSA-2005-092.html

http://www.redhat.com/support/errata/RHSA-2005-043.html

http://www.redhat.com/support/errata/RHSA-2005-017.html

http://www.redhat.com/support/errata/RHSA-2005-016.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:022

http://www.debian.org/security/2006/dsa-1082

http://www.debian.org/security/2006/dsa-1070

http://www.debian.org/security/2006/dsa-1069

http://www.debian.org/security/2006/dsa-1067

http://securitytracker.com/id?1012862

http://secunia.com/advisories/20338

http://secunia.com/advisories/20202

http://secunia.com/advisories/20163

http://secunia.com/advisories/13822

http://marc.info/?l=bugtraq&m=110581146702951&w=2

http://marc.info/?l=bugtraq&m=110554694522719&w=2

http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030826.html

http://isec.pl/vulnerabilities/isec-0022-pagefault.txt

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High