CVE-2005-2548

Linux Kernel - Resource Management Error

Title source: rule

Description

vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd.

References (8)

[Exploit, Vendor Advisory] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309308

[Various Sources] http://lists.osdl.org/pipermail/bridge/2004-September/000638.html

[Vendor Advisory] http://secunia.com/advisories/17826

[Vendor Advisory] http://secunia.com/advisories/18056

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

[Vendor Advisory] https://usn.ubuntu.com/169-1/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/14611

[Third Party Advisory] http://www.debian.org/security/2005/dsa-922

Scores

EPSS 0.0184

EPSS Percentile 82.7%

Classification

CWE

CWE-399

Status draft

Affected Products (1)

linux/linux_kernel

Timeline

Published Aug 12, 2005

Tracked Since Feb 18, 2026