CVE-2005-4798

Linux Kernel 2.4-2.4.31 - Buffer Overflow

Title source: llm

Description

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.

References (11)

[Vendor Advisory] http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=87e03738fc15dc3ea4acde3a5dcb5f84b6b6152b

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/20186

[Various Sources] http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html

[Vendor Advisory] http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commitdiff%3Bh=87e03738fc15dc3ea4acde3a5dcb5f84b6b6152b

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2006-05-31.html

[Third Party Advisory] http://www.debian.org/security/2006/dsa-1183

[Third Party Advisory] http://www.debian.org/security/2006/dsa-1184

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11536

[Third Party Advisory] http://secunia.com/advisories/20398

[Third Party Advisory] http://secunia.com/advisories/22082

[Third Party Advisory] http://secunia.com/advisories/22093

Scores

EPSS 0.0089

EPSS Percentile 75.3%

Classification

Status draft

Affected Products (50)

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

... and 35 more

Timeline

Published Dec 31, 2005

Tracked Since Feb 18, 2026