LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

kernel: DoS vulnerabilities

Package(s):kernel CVE #(s):CAN-2005-1767 CAN-2005-3044
Created:September 26, 2005 Updated:September 28, 2005
Description: A Denial of Service vulnerability was detected in the stack segment fault handler. A local attacker could exploit this by causing stack fault exceptions under special circumstances (scheduling), which lead to a kernel crash. (CAN-2005-1767)

Vasiliy Averin discovered a Denial of Service vulnerability in the "tiocgdev" ioctl call and in the "routing_ioctl" function. By calling fget() and fput() in special ways, a local attacker could exploit this to destroy file descriptor structures and crash the kernel. (CAN-2005-3044)

Alerts:
Ubuntu USN-187-1 2005-09-25
Red Hat RHSA-2005:663-01 2005-09-28
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.