CVE-2005-1368 Details

CVE-2005-1368

Published: 2005-05-02
Last Modified: 2018-10-19
CVE Author: NIST National Vulnerability Database
CVE Assigner: cve@mitre.org
Summary

The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.

Analysis
Common Vulnerability Score System v2.0
Severity Low
Base Score 1.2/10
Exploit Score 1.9/10
Access Vector Local
Access Complexity High
Authentication None
Impact Score 2.9/10
Confidentiality Impact None
Availability Impact Partial
Integrity Impact None
Vector String AV:L/AC:H/Au:N/C:N/I:N/A:P
Common Vulnerability Score System v3.1

NIST has not assigned a CVSSv3.1 Score.

Products Reported
CPE Vulnerable Start Excluding
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:* Yes - -
References

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.8
http://linux.bkbits.net:8080/linux-2.6/cset%40423078fafVa6mAyny23YZ87hDipmTw
http://www.securityfocus.com/archive/1/427980/100/0/threaded

CVE ID
CVE-2005-1368
Published
2005-05-02
Modified
2018-10-19
CVSSv2.0
Low
PCI Compliance
Pass
US-CERT Alert
No
CWE
CWE Pending

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities.