PT-2005-5554 · Linux+2 · Linux Kernel+2

Andreas Gruenbacher

·

Published

1970-01-01

·

Updated

2024-02-16

·

CVE-2005-2801

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel-image-2.4.27-* versions Debian GNU/Linux kernel-headers-2.4.27-* versions Debian GNU/Linux kernel-pcmcia-modules-2.4.27-* versions Debian GNU/Linux kernel-patch-2.4.27-* versions Debian GNU/Linux kernel-build-2.4.27-* versions Debian GNU/Linux kernel-tree-2.4.27 versions Debian GNU/Linux kernel-source-2.4.27 versions Debian GNU/Linux kernel-doc-2.4.27 versions Debian GNU/Linux mips-tools versions
Description The issue is related to multiple vulnerabilities in the Debian GNU/Linux kernel packages, which can lead to a disruption of protected information. These vulnerabilities can be exploited remotely. The problem is also related to the ext2 and ext3 file system code for the Linux kernel 2.6, where the xattr.c does not properly compare the name index fields when sharing xattr blocks, potentially preventing default ACLs from being applied.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-697

Related Identifiers

BDU:2015-01293
BDU:2015-02691
BDU:2015-02692
BDU:2015-02693
BDU:2015-02694
BDU:2015-02695
BDU:2015-02696
BDU:2015-02697
BDU:2015-02698
BDU:2015-02699
BDU:2015-02700
BDU:2015-02701
BDU:2015-02702
BDU:2015-02703
BDU:2015-02704
BDU:2015-02705
BDU:2015-02706
BDU:2015-02707
BDU:2015-02708
BDU:2015-02709
BDU:2015-02710
BDU:2015-02711
BDU:2015-02712
BDU:2015-02713
BDU:2015-02714
BDU:2015-02715
BDU:2015-02716
BDU:2015-02717
BDU:2015-02718
BDU:2015-02719
BDU:2015-02720
BDU:2015-02721
BDU:2015-02722
BDU:2015-02723
BDU:2015-02724
BDU:2015-02725
BDU:2015-02726
BDU:2015-02727
BDU:2015-02728
BDU:2015-02729
BDU:2015-02730
BDU:2015-02731
BDU:2015-02732
BDU:2015-02733
BDU:2015-02734
BDU:2015-02735
BDU:2015-02736
BDU:2015-02737
BDU:2015-02738
BDU:2015-02739
BDU:2015-02740
BDU:2015-02741
BDU:2015-02742
BDU:2015-02743
BDU:2015-02744
BDU:2015-02745
BDU:2015-02746
BDU:2015-02747
BDU:2015-02748
BDU:2015-02749
BDU:2015-02750
BDU:2015-02751
BDU:2015-02752
BDU:2015-02753
BDU:2015-02754
BDU:2015-02755
BDU:2015-02756
BDU:2015-02757
BDU:2015-02758
BDU:2015-02759
BDU:2015-02760
BDU:2015-02761
BDU:2015-02762
BDU:2015-02763
BDU:2015-02764
BDU:2015-02765
BDU:2015-02766
BDU:2015-02767
BDU:2015-02768
BDU:2015-02769
BDU:2015-02770
BDU:2015-02771
BDU:2015-02772
BDU:2015-02773
BDU:2015-02774
BDU:2015-02775
BDU:2015-02776
BDU:2015-02777
BDU:2015-02778
BDU:2015-02779
BDU:2015-02780
BDU:2015-02781
BDU:2015-02782
BDU:2015-02783
CVE-2005-2801
DSA-921-1
DSA-922-1
RHSA-2005:514
RHSA-2005_514
RHSA-2006:0144

Affected Products

Debian
Linux Kernel
Red Hat