CVE-2005-0003

5 documents5 sources

Severity

2.1LOW

EPSS

0.1%

top 74.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avaya Converged Communications Server Avaya Modular Messaging Message Storage Server Avaya S8300 +9 more

Timeline

PublishedApr 14

Latest updateMay 1

Description

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages11 packages

▶NVDlinux/linux_kernel32 versions+31

▶NVDmandrakesoft/mandrake_linux10.0, 10.1, 9.2+2

▶NVDredhat/enterprise_linux_desktop3.0

▶NVDmandrakesoft/mandrake_linux_corporate_server2.1, 3.0+1

▶NVDavaya/s8300r2.0.0, r2.0.1+1

Also affects: Enterprise Linux 3.0

Patches

Patch: www.redhat.com ↗Patch: www.securityfocus.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-hhhf-rv92-pq4q: The 64 bit ELF support in Linux kernel 2↗2022-05-01

▶

CVEList

CVE-2005-0003: The 64 bit ELF support in Linux kernel 2↗2005-01-20

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-12-17

▶

💬Community

Bugzilla

CVE-2005-0003 security flaw↗2018-08-16

▶