CVE-2005-2490

EPSS 0.19%
Veröffentlicht 14.09.2005 19:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 27

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version2.6.0

Linux ≫ Linux Kernel Version2.6.0 Updatetest1

Linux ≫ Linux Kernel Version2.6.0 Updatetest10

Linux ≫ Linux Kernel Version2.6.0 Updatetest11

Linux ≫ Linux Kernel Version2.6.0 Updatetest2

Linux ≫ Linux Kernel Version2.6.0 Updatetest3

Linux ≫ Linux Kernel Version2.6.0 Updatetest4

Linux ≫ Linux Kernel Version2.6.0 Updatetest5

Linux ≫ Linux Kernel Version2.6.0 Updatetest6

Linux ≫ Linux Kernel Version2.6.0 Updatetest7

Linux ≫ Linux Kernel Version2.6.0 Updatetest8

Linux ≫ Linux Kernel Version2.6.0 Updatetest9

Linux ≫ Linux Kernel Version2.6.1

Linux ≫ Linux Kernel Version2.6.1 Updaterc1

Linux ≫ Linux Kernel Version2.6.1 Updaterc2

Linux ≫ Linux Kernel Version2.6.2

Linux ≫ Linux Kernel Version2.6.3

Linux ≫ Linux Kernel Version2.6.4

Linux ≫ Linux Kernel Version2.6.5

Linux ≫ Linux Kernel Version2.6.6

Linux ≫ Linux Kernel Version2.6.6 Updaterc1

Linux ≫ Linux Kernel Version2.6.7

Linux ≫ Linux Kernel Version2.6.7 Updaterc1

Linux ≫ Linux Kernel Version2.6.8

Linux ≫ Linux Kernel Version2.6.8 Updaterc1

Linux ≫ Linux Kernel Version2.6.8 Updaterc2

Linux ≫ Linux Kernel Version2.6.8 Updaterc3

Linux ≫ Linux Kernel Version2.6.9 Update2.6.20

Linux ≫ Linux Kernel Version2.6.10

Linux ≫ Linux Kernel Version2.6.10 Updaterc2

Linux ≫ Linux Kernel Version2.6.11

Linux ≫ Linux Kernel Version2.6.11 Updaterc2

Linux ≫ Linux Kernel Version2.6.11 Updaterc3

Linux ≫ Linux Kernel Version2.6.11 Updaterc4

Linux ≫ Linux Kernel Version2.6.11.5

Linux ≫ Linux Kernel Version2.6.11.6

Linux ≫ Linux Kernel Version2.6.11.7

Linux ≫ Linux Kernel Version2.6.11.8

Linux ≫ Linux Kernel Version2.6.11.11

Linux ≫ Linux Kernel Version2.6.12 Updaterc1

Linux ≫ Linux Kernel Version2.6.12 Updaterc4

Linux ≫ Linux Kernel Version2.6_test9_cvs

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.407

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://www.securityfocus.com/archive/1/427980/100/0/threaded

http://www.securityfocus.com/archive/1/428028/100/0/threaded

http://www.securityfocus.com/archive/1/428058/100/0/threaded

http://secunia.com/advisories/17002

http://www.redhat.com/support/errata/RHSA-2005-663.html

http://www.vupen.com/english/advisories/2005/1878

http://secunia.com/advisories/17826

http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

http://secunia.com/advisories/19374

http://www.debian.org/security/2006/dsa-1017

http://secunia.com/advisories/17918

http://www.securityfocus.com/archive/1/419522/100/0/threaded

http://secunia.com/advisories/17073

http://www.redhat.com/support/errata/RHSA-2005-514.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

http://www.mandriva.com/security/advisories?name=MDKSA-2005:235

http://marc.info/?l=bugtraq&m=112690609622266&w=2

http://www.ubuntu.com/usn/usn-178-1

Vendor Advisory

http://secunia.com/advisories/16747/

Patch

Vendor Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1

http://www.securityfocus.com/bid/14785

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/22217

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10481

https://nvd.nist.gov/vuln/detail/CVE-2005-2490

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2490

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2490

EUVD