Linux Kernel 本地拒绝服务漏洞

漏洞信息详情

Linux Kernel 本地拒绝服务漏洞

• CNNVD编号：CNNVD-200508-244
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2005-2098
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2005-08-23
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  linux
• 漏洞来源：
  David Howells repo…

Linux内核2.6.12.5之前的版本中 KEYCTL_JOIN_SESSION_KEYRING运算包含错误路径，该错误路径不能正确地释放会话管理信号量。这使得本地用户或远程攻击者可以借助于带有(1)空名称字符串的新会话钥匙圈，带有(2)长的名称字符串的新会话钥匙圈，带有(3)达到的钥匙配额会话钥匙圈或(4)ENOMEM，造成拒绝服务(信号量挂起)。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Linux kernel 2.6 -test6

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test1

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test4

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test7

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test9

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test2

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test8

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test11

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test10

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test9-CVS

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

Linux kernel 2.6 -test3

Linux patch-2.6.13-rc6-git1.bz2

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.13-rc6-git 1.bz2

来源: SECUNIA

名称: 16355

链接:http://secunia.com/advisories/16355/

来源: UBUNTU

名称: USN-169-1

链接:http://www.ubuntulinux.org/support/documentation/usn/usn-169-1

来源: kernel.org

链接:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5

来源: BID

名称: 14521

链接:http://www.securityfocus.com/bid/14521

来源: FEDORA

名称: FLSA:157459-3

链接:http://www.securityfocus.com/archive/1/archive/1/427980/100/0/threaded

来源: REDHAT

名称: RHSA-2005:514

链接:http://www.redhat.com/support/errata/RHSA-2005-514.html

来源: MANDRIVA

名称: MDKSA-2005:220

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

来源: SECUNIA

名称: 17073

链接:http://secunia.com/advisories/17073

来源: MANDRIVA

名称: MDKSA-2005:220

链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:220