New Search

The audit system in Linux kernel 2.6.6 and other versions before 2.6.13.4 when CONFIG_AUDITSYSCALL is enabled uses an incorrect function to free names_cache memory which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

oval:org.mitre.oval:def:9467

The audit system in Linux kernel 2.6.6 and other versions before 2.6.13.4 when CONFIG_AUDITSYSCALL is enabled uses an incorrect function to free names_cache memory which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2005-3181
Product(s):