CVE-2005-2800
Published 2005-09-06
Priority P4 · 15 · low · CVSS 2.0 score 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 0.83% (52.9th percentile)
Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
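CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
| vendor_redhat | — | 2.1 | LOW | — |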
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2005-09-09
CVE-2005-2490 Linux kernel vulnerabilities
Oleg Nesterov discovered a local Denial of Service vulnerability in
the timer handling. When a non group-leader thread called exec() to
execute a different program while an itimer was pending, the timer
expiry would signal the old group leader task, which did not exist any
more. This caused a kernel panic. This vulnerability only affects
Ubuntu 5.04. (CAN-2005-1913)
Al Viro discovered that the sendmsg() function did not sufficiently
validate its input data. By calling sendmsg() and at the same time
modifying the passed message in another thread, he could exploit this
to execute arbitrary commands with kernel privileges. This only
affects the amd64 bit platform. (CAN-2005-2490)
Al Viro discovered a vulnerability i
Red Hat
security flaw
vendor_redhat·2005-08-27·CVSS 2.1
CVE-2005-2800 [LOW] security flaw
GHSA
GHSA-85w7-89c4-rr7g: Memory leak in the seq_file implementation in the SCSI procfs interface (sg
ghsa_unreviewed·2022-05-01
No detection rules found.
Bugzilla
CVE-2005-2800 security flaw
bugzilla·2018-08-16·CVSS 2.1
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error.
Bugzilla
CVE-2005-2800 SCSI proc DoS
bugzilla·2005-09-07·CVSS 2.1
"Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c)
in Linux kernel 2.6.13 and earlier allows local users to cause a denial of
service (memory consumption) via certain repeated reads from the
/proc/scsi/sg/devices file, which is not properly handled when the next()
iterator returns NULL or an error."
Affects: RHEL4
Fix: Upstream at
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=729d70f5dfd663b44bca68a4479c96bde7e535d
Discussion:
Fix is being tested now.
---
Fix passed my testing, submitted internally for inclusion.
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more informat
Bugzilla
Multiple Kernel vulnerabilities
bugzilla·2005-05-11
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Mozilla rulez!)
Description of problem:
Paul Starzetz of iSEC has found yet another bug in binfmt_elf.c. It can be abused to crash the kernel, perhaps even to break into the kernel land. See the advisory for details.
Version-Release number of selected component (if applicable):
How reproducible:
Didn't try
Steps to Reproduce:
Additional info:
I've got a quick and dirty patch. I'll submit it ASAP.
Discussion:
Grr...Bugzilla assigned the bug to [email protected] rather than to
[email protected]
---
Created attachment 114264
The patch for CAN-2005-1263
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch can be applied to FL kernel 2.4.20-43:
402e548b02382c015d6f5e5704370a1ba546598b
li
http://secunia.com/advisories/17826
http://secunia.com/advisories/17918
http://secunia.com/advisories/18510
http://secunia.com/advisories/19374
http://www.debian.org/security/2006/dsa-1017
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=729d70f5dfd663b44bca68a4479c96bde7e535d6
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
http://www.redhat.com/support/errata/RHSA-2006-0101.html
http://www.securityfocus.com/archive/1/419522/100/0/threaded
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.securityfocus.com/bid/14790
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9954