CVE-2005-3807

Linux Kernel - Denial of Service

Title source: rule

Description

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by J. Bruce Fields · cdoslinux

https://www.exploit-db.com/exploits/26749

View Code ZIP pw:eip

References (11)

[Third Party Advisory] http://secunia.com/advisories/17917

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/advisories/9806

[Various Sources] http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc15ae14e97ee9d5ed740cbb0b94996076d8b37e

[Third Party Advisory] http://secunia.com/advisories/18203

[Various Sources] http://www.ubuntulinux.org/usn/usn-231-1

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/419522/100/0/threaded

[Mailing List] http://marc.info/?l=linux-kernel&m=113190437101622&w=2

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/427981/100/0/threaded

[Vendor Advisory] http://www.trustix.org/errata/2005/0070

[Third Party Advisory] http://secunia.com/advisories/17918

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15745

Scores

EPSS 0.0015

EPSS Percentile 34.8%

Details

Status published

Products (42)

linux/linux_kernel 2.6.0

linux/linux_kernel 2.6.1

linux/linux_kernel 2.6.2

linux/linux_kernel 2.6.3

linux/linux_kernel 2.6.4

linux/linux_kernel 2.6.5

linux/linux_kernel 2.6.6

linux/linux_kernel 2.6.7

linux/linux_kernel 2.6.8

linux/linux_kernel 2.6.8.1

... and 32 more

Published Nov 25, 2005

Tracked Since Feb 18, 2026