CVE-2005-3271

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user.

References

http://linux.bkbits.net:8080/linux-2.6/[email protected]_ZH0hg

http://secunia.com/advisories/17826

http://secunia.com/advisories/17917

http://secunia.com/advisories/18056

http://www.debian.org/security/2005/dsa-922

http://www.mandriva.com/security/advisories?name=MDKSA-2005:218

http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

http://www.securityfocus.com/advisories/9806

http://www.securityfocus.com/bid/15533

http://www.ussg.iu.edu/hypermail/linux/kernel/0409.1/1107.html

https://usn.ubuntu.com/219-1/

Details

Source: MITRE

Published: 2005-10-21

Updated: 2018-10-03

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*

Tenable Plugins

View all (4 total)

IDNameProductFamilySeverity
65105Ubuntu 4.10 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-219-1)NessusUbuntu Local Security Checks
medium
22788Debian DSA-922-1 : kernel-source-2.6.8 - several vulnerabilitiesNessusDebian Local Security Checks
high
20451MDKSA-2005:220 : kernelNessusMandriva Local Security Checks
medium
20450Mandrake Linux Security Advisory : kernel (MDKSA-2005:219)NessusMandriva Local Security Checks
high