CVE Vulnerabilities

CVE-2005-2800

Published: Sep 06, 2005 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.6.11 2.6.11
Linux_kernel Linux 2.6.5 2.6.5
Linux_kernel Linux 2.6.1 2.6.1
Linux_kernel Linux 2.6.13 2.6.13
Linux_kernel Linux 2.6.10 2.6.10
Linux_kernel Linux 2.6.3 2.6.3
Linux_kernel Linux 2.6.4 2.6.4
Linux_kernel Linux 2.6.2 2.6.2
Linux_kernel Linux 2.6.8 2.6.8
Linux_kernel Linux 2.6.0 2.6.0
Linux_kernel Linux 2.6.7 2.6.7
Linux_kernel Linux 2.6.9 2.6.9
Linux_kernel Linux 2.6.6 2.6.6
Linux_kernel Linux 2.6.12 2.6.12

References