CVE-2005-3847

MEDIUM

Linux Kernel < 2.6.13 - Improper Locking

Title source: rule

Description

The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump.

References (9)

[Broken Link] http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html

[Mailing List, Patch] http://marc.info/?l=linux-kernel&m=112430346613450&w=2

[Mailing List, Patch] http://marc.info/?l=linux-kernel&m=112508422716574&w=2

[Broken Link, Vendor Advisory] http://secunia.com/advisories/19038

[Broken Link, Vendor Advisory] http://secunia.com/advisories/19374

[Patch, Vendor Advisory] http://www.debian.org/security/2006/dsa-1017

[Broken Link] http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git%3Ba=blob%3Bh=f6cc7e101c49f356e4c4df5cca1ff352a0f01dd5%3Bhb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd%3Bf=2.6.12.6/nptl-signal-delivery-deadlock-fix.patch

[Broken Link] http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=dd12f48d4e8774415b528d3991ae47c28f26e1ac%3Bhp=ade6648b3b11a5d81f6f28135193ab6d85d621db

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/16856

Scores

CVSS v3 5.5

EPSS 0.0007

EPSS Percentile 20.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-667

Status draft

Affected Products (2)

linux/linux_kernel < 2.6.13

debian/debian_linux

Timeline

Published Nov 27, 2005

Tracked Since Feb 18, 2026