CVE-2005-2490 Information

Description

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

Reference

http://marc.info/?l=bugtraq&m=112690609622266&w=2 http://secunia.com/advisories/16747/ http://secunia.com/advisories/17002 http://secunia.com/advisories/17073 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 http://www.redhat.com/support/errata/RHSA-2005-514.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.securityfocus.com/archive/1/419522/100/0/threaded http://www.securityfocus.com/archive/1/427980/100/0/threaded http://www.securityfocus.com/archive/1/428028/100/0/threaded http://www.securityfocus.com/archive/1/428058/100/0/threaded http://www.securityfocus.com/bid/14785 http://www.ubuntu.com/usn/usn-178-1 http://www.vupen.com/english/advisories/2005/1878 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166248 https://exchange.xforce.ibmcloud.com/vulnerabilities/22217 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10481