PT-2005-3399 · Linux · Linux Kernel

Florian Weimer

Published

2005-08-08

Updated

2017-07-11

CVE-2005-2500

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.12

Description A buffer overflow issue exists in the xdr xcode array2 function, located in xdr.c, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.

Recommendations For Linux kernel version 2.6.12, consider applying a patch to fix the buffer overflow issue in the xdr xcode array2 function as a permanent solution. As a temporary workaround, restrict access to the nfsacl protocol to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2500

Affected Products

Linux Kernel

PT-2005-3399 · Linux · Linux Kernel

CVE-2005-2500

Related Identifiers

Affected Products

References · 8