CVE-2005-2490

Linux Kernel - Buffer Overflow

Title source: rule

Description

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

References (24)

[Mailing List] http://marc.info/?l=bugtraq&m=112690609622266&w=2

[Patch, Vendor Advisory] http://secunia.com/advisories/16747/

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-514.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-663.html

[Vendor Advisory] http://www.ubuntu.com/usn/usn-178-1

[Patch] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/22217

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2005:235

[Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/419522/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/427980/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/428028/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/428058/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/14785

[Third Party Advisory] http://www.debian.org/security/2006/dsa-1017

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10481

[Third Party Advisory] http://secunia.com/advisories/17002

[Third Party Advisory] http://secunia.com/advisories/17073

... and 4 more

Scores

EPSS 0.0019

EPSS Percentile 40.2%

Classification

Status draft

Affected Products (42)

linux/linux_kernel

... and 27 more

Timeline

Published Sep 14, 2005

Tracked Since Feb 18, 2026