Main Vulnerability Database Exploits ID:10313 - Exploit for Missing release of memory after effective lifetime in Linux kernel - CVE-2005-3807

ID:10313 - Exploit for Missing release of memory after effective lifetime in Linux kernel - CVE-2005-3807

Published: August 7, 2024

Vulnerability identifier: #VU95468

Vulnerability risk: Low

CVE-ID: CVE-2005-3807

CWE-ID: CWE-401

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/26749/

Vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.

Remediation

Install update from vendor's repository.

ID:10313 - Exploit for Missing release of memory after effective lifetime in Linux kernel - CVE-2005-3807

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human