2.1

CVE-2005-3181

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

Data is provided by the National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.0 <= 2.6.13.3
CanonicalUbuntu Linux Version4.10
CanonicalUbuntu Linux Version5.04
DebianDebian Linux Version3.1
MandrivaLinux Version10.1
MandrivaLinux Version10.2
MandrivaLinux Version2006.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.325
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

http://www.securityfocus.com/archive/1/427980/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://secunia.com/advisories/17826
Vendor Advisory
Broken Link
http://secunia.com/advisories/19374
Vendor Advisory
Broken Link
http://secunia.com/advisories/17917
Vendor Advisory
Broken Link
http://www.securityfocus.com/advisories/9806
Third Party Advisory
Broken Link
VDB Entry
http://secunia.com/advisories/17364
Vendor Advisory
Broken Link
http://secunia.com/advisories/17114
Vendor Advisory
Broken Link
http://www.securityfocus.com/bid/15076
Third Party Advisory
Broken Link
VDB Entry
http://secunia.com/advisories/17280
Vendor Advisory
Broken Link
http://www.securityfocus.com/advisories/9549
Third Party Advisory
Broken Link
VDB Entry