blob: 444d853ce41f13e2a90a8f77d5402f8b3761804a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
Candidate: CVE-2005-2553
References:
URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2553
CONFIRM:http://lkml.org/lkml/2005/1/5/245
CONFIRM:http://linux.bkbits.net:8080/linux-2.4/cset@41dd3455GwQPufrGvBJjcUOXQa3WXA
Description:
The find_target function in ptrace32.c in the Linux kernel 2.4.x
before 2.4.29 does not properly handle a NULL return value from
another function, which allows local users to cause a denial of
service (kernel crash/oops) by running a 32-bit ltrace program with
the -i option on a 64-bit executable program.
Bugs:
upstream: released (2.4.29)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sid/sarge: pending [184_arch-x86_64-ia32-ptrace32-oops.diff]
2.4.27-sarge-security: released (2.4.27-10sarge1) [184_arch-x86_64-ia32-ptrace32-oops.diff]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|