CVE-2005-3119

Linux Kernel 2.6.10-2.6.13 - Denial of Service via Memory Leak in request_key_auth_destroy

Title source: llm

Description

Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.

References (6)

Core 6

Core References

Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15076

Broken Link vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-808.html

Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17364

Broken Link x_refsource_confirm

http://linux.bkbits.net:8080/linux-2.6/cset%4043483fddCiQX1WyG_orbko06TrjMVA

Broken Link vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11236

Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17114

Scores

EPSS 0.0039

EPSS Percentile 30.8%

Details

CWE

CWE-401

Status published

Products (1)

linux/linux_kernel 2.6.10 - 2.6.13

Published Oct 12, 2005

Tracked Since Feb 18, 2026