4.6

CVE-2005-2490

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.0
LinuxLinux Kernel Version2.6.0 Updatetest1
LinuxLinux Kernel Version2.6.0 Updatetest10
LinuxLinux Kernel Version2.6.0 Updatetest11
LinuxLinux Kernel Version2.6.0 Updatetest2
LinuxLinux Kernel Version2.6.0 Updatetest3
LinuxLinux Kernel Version2.6.0 Updatetest4
LinuxLinux Kernel Version2.6.0 Updatetest5
LinuxLinux Kernel Version2.6.0 Updatetest6
LinuxLinux Kernel Version2.6.0 Updatetest7
LinuxLinux Kernel Version2.6.0 Updatetest8
LinuxLinux Kernel Version2.6.0 Updatetest9
LinuxLinux Kernel Version2.6.1
LinuxLinux Kernel Version2.6.1 Updaterc1
LinuxLinux Kernel Version2.6.1 Updaterc2
LinuxLinux Kernel Version2.6.2
LinuxLinux Kernel Version2.6.3
LinuxLinux Kernel Version2.6.4
LinuxLinux Kernel Version2.6.5
LinuxLinux Kernel Version2.6.6
LinuxLinux Kernel Version2.6.6 Updaterc1
LinuxLinux Kernel Version2.6.7
LinuxLinux Kernel Version2.6.7 Updaterc1
LinuxLinux Kernel Version2.6.8
LinuxLinux Kernel Version2.6.8 Updaterc1
LinuxLinux Kernel Version2.6.8 Updaterc2
LinuxLinux Kernel Version2.6.8 Updaterc3
LinuxLinux Kernel Version2.6.9 Update2.6.20
LinuxLinux Kernel Version2.6.10
LinuxLinux Kernel Version2.6.10 Updaterc2
LinuxLinux Kernel Version2.6.11
LinuxLinux Kernel Version2.6.11 Updaterc2
LinuxLinux Kernel Version2.6.11 Updaterc3
LinuxLinux Kernel Version2.6.11 Updaterc4
LinuxLinux Kernel Version2.6.11.5
LinuxLinux Kernel Version2.6.11.6
LinuxLinux Kernel Version2.6.11.7
LinuxLinux Kernel Version2.6.11.8
LinuxLinux Kernel Version2.6.11.11
LinuxLinux Kernel Version2.6.12 Updaterc1
LinuxLinux Kernel Version2.6.12 Updaterc4
LinuxLinux Kernel Version2.6_test9_cvs
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.56% 0.418
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.securityfocus.com/archive/1/428028/100/0/threaded
http://www.securityfocus.com/archive/1/428058/100/0/threaded
http://secunia.com/advisories/17002
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://www.vupen.com/english/advisories/2005/1878
http://secunia.com/advisories/17826
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
http://secunia.com/advisories/19374
http://www.debian.org/security/2006/dsa-1017
http://secunia.com/advisories/17918
http://www.securityfocus.com/archive/1/419522/100/0/threaded
http://secunia.com/advisories/17073
http://www.redhat.com/support/errata/RHSA-2005-514.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
http://marc.info/?l=bugtraq&m=112690609622266&w=2
http://www.ubuntu.com/usn/usn-178-1
Vendor Advisory
http://secunia.com/advisories/16747/
Patch
Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1
http://www.securityfocus.com/bid/14785
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/22217
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10481