Lucene search

K
cve[email protected]CVE-2005-2800
HistorySep 06, 2005 - 5:03 p.m.

CVE-2005-2800

2005-09-0617:03:00
CWE-399
web.nvd.nist.gov
34
memory leak
seq_file
scsi procfs interface
linux kernel 2.6.13
denial of service
nvd
cve-2005-2800

4.9 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

23.0%

Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error.

Affected configurations

NVD
Node
linuxlinux_kernelMatch2.6.0
OR
linuxlinux_kernelMatch2.6.1
OR
linuxlinux_kernelMatch2.6.2
OR
linuxlinux_kernelMatch2.6.3
OR
linuxlinux_kernelMatch2.6.4
OR
linuxlinux_kernelMatch2.6.5
OR
linuxlinux_kernelMatch2.6.6
OR
linuxlinux_kernelMatch2.6.7
OR
linuxlinux_kernelMatch2.6.8
OR
linuxlinux_kernelMatch2.6.92.6.20
OR
linuxlinux_kernelMatch2.6.10
OR
linuxlinux_kernelMatch2.6.11
OR
linuxlinux_kernelMatch2.6.12
OR
linuxlinux_kernelMatch2.6.13

4.9 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

23.0%