Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-2872

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Sep, 2005 | 04:00
Updated At-07 Aug, 2024 | 22:53
Rejected At-
Credits

The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Sep, 2005 | 04:00
Updated At:07 Aug, 2024 | 22:53
Rejected At:
â–¼CVE Numbering Authority (CNA)

The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/18056
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
vendor-advisory
x_refsource_MANDRAKE
http://secunia.com/advisories/17073
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18059
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/419522/100/0/threaded
vendor-advisory
x_refsource_SUSE
http://www.debian.org/security/2005/dsa-922
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/bid/14791
vdb-entry
x_refsource_BID
http://www.debian.org/security/2005/dsa-921
vendor-advisory
x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-514.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/17826
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/17918
third-party-advisory
x_refsource_SECUNIA
http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/427980/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
vendor-advisory
x_refsource_MANDRAKE
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/18056
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: http://secunia.com/advisories/17073
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18059
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.debian.org/security/2005/dsa-922
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/bid/14791
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.debian.org/security/2005/dsa-921
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-514.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/17826
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/17918
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/18056
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
vendor-advisory
x_refsource_MANDRAKE
x_transferred
http://secunia.com/advisories/17073
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18059
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/419522/100/0/threaded
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.debian.org/security/2005/dsa-922
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/bid/14791
vdb-entry
x_refsource_BID
x_transferred
http://www.debian.org/security/2005/dsa-921
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-514.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/17826
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/17918
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/427980/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
vendor-advisory
x_refsource_MANDRAKE
x_transferred
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/18056
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: http://secunia.com/advisories/17073
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18059
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-922
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/14791
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-921
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-514.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/17826
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/17918
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Sep, 2005 | 19:07
Updated At:16 Apr, 2026 | 00:27

The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1
cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:386:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686_smp:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8_smp:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_xeon:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7_smp:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3_smp:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4_smp:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc_smp:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.9
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237cve@mitre.org
Patch
http://secunia.com/advisories/17073cve@mitre.org
N/A
http://secunia.com/advisories/17826cve@mitre.org
N/A
http://secunia.com/advisories/17918cve@mitre.org
N/A
http://secunia.com/advisories/18056cve@mitre.org
N/A
http://secunia.com/advisories/18059cve@mitre.org
N/A
http://www.debian.org/security/2005/dsa-921cve@mitre.org
N/A
http://www.debian.org/security/2005/dsa-922cve@mitre.org
N/A
http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-514.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/419522/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/427980/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/14791cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394cve@mitre.org
N/A
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237af854a3a-2127-422b-91ae-364da2661108
Patch
http://secunia.com/advisories/17073af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17826af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17918af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18056af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18059af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-921af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-922af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-514.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/419522/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/427980/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/14791af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://secunia.com/advisories/17073
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17826
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17918
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/18056
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/18059
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-921
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-922
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-514.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/14791
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://secunia.com/advisories/17073
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17826
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17918
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18056
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18059
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-921
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-922
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git%3Ba=commit%3Bh=bcfff0b471a60df350338bcd727fc9b8a6aa54b2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-514.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/14791
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

116Records found
CVE-2019-18844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.58%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 19:12
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-acrnn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2019-12818
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.54% / 90.31%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 01:24
Updated-04 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-7841
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-18.31% / 95.25%
||
7 Day CHG~0.00%
Published-30 Nov, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2019-11478
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-5.3||MEDIUM
EPSS-29.76% / 96.66%
||
7 Day CHG~0.00%
Published-18 Jun, 2019 | 23:34
Updated-16 Sep, 2024 | 23:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SACK can cause extensive memory use via fragmented resend queue

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.

Action-Not Available
Vendor-Ivanti SoftwareCanonical Ltd.Linux Kernel Organization, IncPulse SecureF5, Inc.Red Hat, Inc.
Product-ubuntu_linuxbig-ip_webacceleratorpulse_secure_virtual_application_delivery_controllerbig-ip_application_acceleration_managerenterprise_linux_atomic_hostbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linuxenterprise_linux_ausbig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systemconnect_securebig-ip_application_security_managerbig-ip_edge_gatewaylinux_kernelbig-ip_link_controllerenterprise_linux_euspulse_policy_securebig-ip_access_policy_managertraffix_signaling_delivery_controllerenterprise_mrgbig-ip_advanced_firewall_managerLinux kernel
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-11479
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-5.3||MEDIUM
EPSS-13.36% / 94.21%
||
7 Day CHG~0.00%
Published-18 Jun, 2019 | 23:34
Updated-16 Sep, 2024 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncF5, Inc.
Product-ubuntu_linuxbig-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linuxvirtualization_hostbig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systemiworkflowbig-ip_application_security_managerbig-ip_edge_gatewaylinux_kernelbig-ip_link_controllerbig-iq_centralized_managemententerprise_managerbig-ip_access_policy_managertraffix_signaling_delivery_controllerbig-ip_advanced_firewall_managerLinux kernel
CWE ID-CWE-405
Asymmetric Resource Consumption (Amplification)
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-29703
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.64% / 70.75%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 18:45
Updated-16 Sep, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CVE-2021-29702
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.76% / 73.33%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 16:15
Updated-16 Sep, 2024 | 23:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-aixdb2windowslinux_kernelDB2 for Linux- UNIX and Windows
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-29725
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-2.03% / 83.89%
||
7 Day CHG~0.00%
Published-15 Jul, 2021 | 16:00
Updated-16 Sep, 2024 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.

Action-Not Available
Vendor-Oracle CorporationIBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-solarislinux_kernelsterling_secure_proxywindowssecure_external_authentication_serveraixSecure External Authentication ServerSecure Proxy
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2014-4667
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-14.14% / 94.39%
||
7 Day CHG~0.00%
Published-03 Jul, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxlinux_enterprise_desktoplinux_enterprise_real_time_extensionlinux_enterprise_serverlinux_kerneln/a
CVE-2014-3688
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.96% / 83.61%
||
7 Day CHG~0.00%
Published-30 Nov, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-1786
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 53.50%
||
7 Day CHG~0.00%
Published-12 Nov, 2018 | 16:00
Updated-17 Sep, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-tivoli_storage_managerlinux_kerneltivoli_storage_manager_for_virtual_environments_data_protection_for_vmwarespectrum_protectwindowsspectrum_protect_for_virtual_environments_data_protection_for_hyper-vtivoli_storage_manager_for_virtual_environments_data_protection_for_hyper-vspectrum_protect_manager_for_virtual_environments_data_protection_for_vmwareSpectrum Protect
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-16871
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.52% / 81.37%
||
7 Day CHG~0.00%
Published-30 Jul, 2019 | 16:19
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Action-Not Available
Vendor-NetApp, Inc.Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverh300eenterprise_linux_server_eush500scloud_backupenterprise_linux_server_ausenterprise_linuxh410c_firmwareh300s_firmwareh410sh300sh300e_firmwaredeveloper_toolslinux_kernelh500emrg_realtimeenterprise_linux_workstationh410s_firmwareh500s_firmwareh500e_firmwareh700s_firmwareenterprise_linux_eush700eh410centerprise_linux_server_tush700e_firmwareh700senterprise_linux_desktopkernel:
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2005-2458
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-13.59% / 94.27%
||
7 Day CHG~0.00%
Published-22 Aug, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2013-0899
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.17% / 78.73%
||
7 Day CHG~0.00%
Published-23 Feb, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

Action-Not Available
Vendor-opus-codecn/aApple Inc.openSUSEGoogle LLCLinux Kernel Organization, IncMicrosoft Corporation
Product-mac_os_xipadoswindowsiphone_osmacosopuschromelinux_kernelopensusen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22354
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.18% / 39.20%
||
7 Day CHG~0.00%
Published-14 Mar, 2022 | 16:45
Updated-17 Sep, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Admin Console to become unresponsive. IBM X-Force ID: 220485.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-spectrum_copy_data_managementlinux_kernelspectrum_protect_plusSpectrum Protect PlusSpectrum Copy Data Management
CVE-2017-5970
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.75% / 82.67%
||
7 Day CHG~0.00%
Published-14 Feb, 2017 | 06:30
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found