CVE-2005-2490

high

Description

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10481

https://exchange.xforce.ibmcloud.com/vulnerabilities/22217

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248

http://www.vupen.com/english/advisories/2005/1878

http://www.ubuntu.com/usn/usn-178-1

http://www.securityfocus.com/bid/14785

http://www.securityfocus.com/archive/1/428058/100/0/threaded

http://www.securityfocus.com/archive/1/428028/100/0/threaded

http://www.securityfocus.com/archive/1/427980/100/0/threaded

http://www.securityfocus.com/archive/1/419522/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2005-663.html

http://www.redhat.com/support/errata/RHSA-2005-514.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:235

http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1

http://www.debian.org/security/2006/dsa-1017

http://secunia.com/advisories/19374

http://secunia.com/advisories/17918

http://secunia.com/advisories/17826

http://secunia.com/advisories/17073

http://secunia.com/advisories/17002

http://secunia.com/advisories/16747/

http://marc.info/?l=bugtraq&m=112690609622266&w=2

Details

Source: Mitre, NVD

Published: 2005-09-14

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics