2.1
CVE-2005-3119
- EPSS 0.39%
- Veröffentlicht 12.10.2005 13:03:00
- Zuletzt bearbeitet 16.06.2026 22:16:17
- Quelle security@debian.org
- CVE-Watchlists
- Unerledigt
Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.10 <= 2.6.13
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.306 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
http://secunia.com/advisories/17364
http://www.redhat.com/support/errata/RHSA-2005-808.html
http://linux.bkbits.net:8080/linux-2.6/cset%4043483fddCiQX1WyG_orbko06TrjMVA
http://secunia.com/advisories/17114
http://www.securityfocus.com/bid/15076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11236