CVE-2005-0136

Current Description

The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.

Basic Data

PublishedDecember 31, 2005
Last ModifiedOctober 30, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel2.6.8*******
    2.3OSLinuxLinux Kernel2.6.8rc1******
    2.3OSLinuxLinux Kernel2.6.8rc2******
    2.3OSLinuxLinux Kernel2.6.8rc3******
    2.3OSLinuxLinux Kernel2.6.8rc4******
    2.3OSLinuxLinux Kernel2.6.8.1*******
    2.3OSLinuxLinux Kernel2.6.8.1.5*******
    2.3OSLinuxLinux Kernel2.6.8.1.5*386*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*686*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*686_smp*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*amd64*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*amd64_k8*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*amd64_k8_smp*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*amd64_xeon*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*k7*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*k7_smp*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*power3*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*power3_smp*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*power4*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*power4_smp*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*powerpc*****
    2.3OSLinuxLinux Kernel2.6.8.1.5*powerpc_smp*****
    2.3OSLinuxLinux Kernel2.6.9*******
    2.3OSLinuxLinux Kernel2.6.92.6.20******
    2.3OSLinuxLinux Kernel2.6.9rc1******
    2.3OSLinuxLinux Kernel2.6.9rc2******
    2.3OSLinuxLinux Kernel2.6.9rc3******
    2.3OSLinuxLinux Kernel2.6.9rc4******
    2.3OSLinuxLinux Kernel2.6.10*******
    2.3OSLinuxLinux Kernel2.6.10rc1******
    2.3OSLinuxLinux Kernel2.6.10rc2******
    2.3OSLinuxLinux Kernel2.6.10rc3******

Vulnerable Software List

VendorProductVersions
Linux Linux Kernel 2.6.10, 2.6.8, 2.6.8.1, 2.6.8.1.5, 2.6.9

References

NameSourceURLTags
[kernel-svn-changes] 20050816 r3920 - in branches/dist/sarge-security: . kernel kernel/i386 kernel/source kernel/source/kernel-source-2.6.8-2.6.8/debianhttp://lists.alioth.debian.org/pipermail/kernel-svn-changes/2005-August/002597.htmlMLIST
http://openvz.org/news/updates/kernel-022stab045.1-releasedhttp://openvz.org/news/updates/kernel-022stab045.1-releasedMISCPatch
17002http://secunia.com/advisories/17002SECUNIAPatch Vendor Advisory
[linux-ia64] 20040916 Re: [Patch] Per CPU MCA/INIT data save areashttp://www.gelato.unsw.edu.au/archives/linux-ia64/0409/11073.htmlMLISTPatch
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11CONFIRMPatch
RHSA-2005:420http://www.redhat.com/support/errata/RHSA-2005-420.htmlREDHATPatch
RHSA-2005:663http://www.redhat.com/support/errata/RHSA-2005-663.htmlREDHATPatch
ADV-2005-1878http://www.vupen.com/english/advisories/2005/1878VUPEN
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148862https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148862MISCPatch
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=155283https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=155283MISCPatch
oval:org.mitre.oval:def:11628https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11628OVAL