CVE-2005-0001

8 documents7 sources

Severity

6.9MEDIUM

EPSS

0.7%

top 28.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Redhat Enterprise Linux Redhat Enterprise Linux Desktop +1 more

Timeline

PublishedMay 2

Latest updateMay 1

Description

Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

▶NVDlinux/linux_kernel42 versions+41

▶NVDtrustix/secure_linux2, 2.1, 2.2+2

▶NVDredhat/enterprise_linux_desktop3.0, 4.0+1

Also affects: Enterprise Linux 3.0, 4.0

🔴Vulnerability Details

GHSA

GHSA-xrf6-29c3-gghc: Race condition in the page fault handler (fault↗2022-05-01

▶

CVEList

CVE-2005-0001: Race condition in the page fault handler (fault↗2005-01-19

▶

💥Exploits & PoCs

Exploit-DB

Asterisk 0.x/1.0/1.2 Voicemail - Unauthorized Access↗2005-11-07

▶

Exploit-DB

IA eMailServer Corporate Edition 5.2.2 - Denial of Service↗2005-06-26

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2005-01-14

▶

Red Hat

security flaw↗2005-01-12

▶

💬Community

Bugzilla

CVE-2005-0001 security flaw↗2018-08-16

▶