CVE-2005-3181

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

he audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

References

Link	Resource
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23	Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA	Broken Link
http://secunia.com/advisories/17114	Broken Link Vendor Advisory
http://secunia.com/advisories/17280	Broken Link Vendor Advisory
http://secunia.com/advisories/17364	Broken Link Vendor Advisory
http://secunia.com/advisories/17826	Broken Link Vendor Advisory
http://secunia.com/advisories/17917	Broken Link Vendor Advisory
http://secunia.com/advisories/19374	Broken Link Vendor Advisory
http://www.debian.org/security/2006/dsa-1017	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-808.html	Broken Link
http://www.securityfocus.com/advisories/9549	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/advisories/9806	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/427980/100/0/threaded	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/15076	Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-199-1	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467	Broken Link
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23	Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcA	Broken Link
http://secunia.com/advisories/17114	Broken Link Vendor Advisory
http://secunia.com/advisories/17280	Broken Link Vendor Advisory
http://secunia.com/advisories/17364	Broken Link Vendor Advisory
http://secunia.com/advisories/17826	Broken Link Vendor Advisory
http://secunia.com/advisories/17917	Broken Link Vendor Advisory
http://secunia.com/advisories/19374	Broken Link Vendor Advisory
http://www.debian.org/security/2006/dsa-1017	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-808.html	Broken Link
http://www.securityfocus.com/advisories/9549	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/advisories/9806	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/427980/100/0/threaded	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/15076	Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-199-1	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467	Broken Link