CVE-2005-3807
published 2005-11-25CVE-2005-3807: Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via…
PriorityP413medium4.9CVSS 2.0
AVLACLAuNCNINAC
EXPLOIT
EPSS
0.74%
50.1th percentile
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_ubuntu4.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q98v-8mff-57hg: Memory leak in the VFS file lease handling in locks
ghsa_unreviewed·2022-05-01
CVE-2005-3807 [MEDIUM] GHSA-q98v-8mff-57hg: Memory leak in the VFS file lease handling in locks
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2005-12-23·CVSS 4.6
CVE-2005-3257 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Linux kernel vulnerabilities
Rudolf Polzer reported an abuse of the 'loadkeys' command. By
redefining one or more keys and tricking another user (like root) into
logging in on a text console and typing something that involves the
redefined keys, a local user could cause execution of arbitrary
commands with the privileges of the target user. The updated kernel
restricts the usage of 'loadkeys' to root. (CVE-2005-3257)
The ptrace() system call did not correctly check whether a process
tried to attach to itself. A local attacker could exploit this to
cause a kernel crash. (CVE-2005-3783)
A Denial of Service vulnerability was found in the handler that
automatically cleans up and terminates child processes that are not
correctly handled by their
No detection rules found.
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc15ae14e97ee9d5ed740cbb0b94996076d8b37ehttp://marc.info/?l=linux-kernel&m=113190437101622&w=2http://secunia.com/advisories/17917http://secunia.com/advisories/17918http://secunia.com/advisories/18203http://www.securityfocus.com/advisories/9806http://www.securityfocus.com/archive/1/419522/100/0/threadedhttp://www.securityfocus.com/archive/1/427981/100/0/threadedhttp://www.securityfocus.com/bid/15745http://www.trustix.org/errata/2005/0070http://www.ubuntulinux.org/usn/usn-231-1http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc15ae14e97ee9d5ed740cbb0b94996076d8b37ehttp://marc.info/?l=linux-kernel&m=113190437101622&w=2http://secunia.com/advisories/17917http://secunia.com/advisories/17918http://secunia.com/advisories/18203http://www.securityfocus.com/advisories/9806http://www.securityfocus.com/archive/1/419522/100/0/threadedhttp://www.securityfocus.com/archive/1/427981/100/0/threadedhttp://www.securityfocus.com/bid/15745http://www.trustix.org/errata/2005/0070http://www.ubuntulinux.org/usn/usn-231-1
2005-11-25
Published