漏洞信息详情

Linux Kernel 本地拒绝服务漏洞

  • CNNVD编号:CNNVD-200508-244
  • 危害等级: 中危
  • CVE编号: CVE-2005-2098
  • 漏洞类型: 其他
  • 发布时间: 2005-08-23
  • 威胁类型: 远程
  • 更新时间: 2005-10-20
  • 厂        商: linux
  • 漏洞来源: David Howells repo...

漏洞简介

Linux内核2.6.12.5之前的版本中 KEYCTL_JOIN_SESSION_KEYRING运算包含错误路径,该错误路径不能正确地释放会话管理信号量。这使得本地用户或远程攻击者可以借助于带有(1)空名称字符串的新会话钥匙圈,带有(2)长的名称字符串的新会话钥匙圈,带有(3)达到的钥匙配额会话钥匙圈或(4)ENOMEM,造成拒绝服务(信号量挂起)。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

Linux kernel 2.6 -test6

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test1

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test4

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test7

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test9

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test2

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test8

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test11

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test10

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test9-CVS

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test3

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

参考网址

来源: SECUNIA

名称: 16355

链接:http://secunia.com/advisories/16355/

来源: UBUNTU

名称: USN-169-1

链接:http://www.ubuntulinux.org/support/documentation/usn/usn-169-1

来源: kernel.org

链接:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5

来源: BID

名称: 14521

链接:http://www.securityfocus.com/bid/14521

来源: FEDORA

名称: FLSA:157459-3

链接:http://www.securityfocus.com/archive/1/archive/1/427980/100/0/threaded

来源: REDHAT

名称: RHSA-2005:514

链接:http://www.redhat.com/support/errata/RHSA-2005-514.html

来源: MANDRIVA

名称: MDKSA-2005:220

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

来源: SECUNIA

名称: 17073

链接:http://secunia.com/advisories/17073

来源: MANDRIVA

名称: MDKSA-2005:220

链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:220

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多