Vulnerability Bulletins

int(1398)

Vulnerability Bulletins

Vulnerabilidad en la función mlockall del kernel de Linux
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Denegación de Servicio
Dificulty	Experto
Required attacker level	Acceso remoto con cuenta
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	Linux kernel
Description
Se ha descubierto una vulnerabilidad en el kernel de Linux. La vulnerabilidad reside en la función mlockall y permite saltarse el límite impuesto por "RLIM_MEMLOCK". La explotación de esta vulnerabilidad podría permitir a un atacante local causar una situación de denegación de servicio del sistema mediante el consumo de los recursos del sistema (CPU y memoria).
Solution
Actualización de software Red Hat Linux Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat (2.4.21) Red Hat Desktop (v. 3) / SRPMS kernel-2.4.21-37.EL.src.rpm Red Hat Desktop (v. 3) / IA-32 kernel-2.4.21-37.EL.athlon.rpm kernel-2.4.21-37.EL.i686.rpm kernel-BOOT-2.4.21-37.EL.i386.rpm kernel-doc-2.4.21-37.EL.i386.rpm kernel-hugemem-2.4.21-37.EL.i686.rpm kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm kernel-smp-2.4.21-37.EL.athlon.rpm kernel-smp-2.4.21-37.EL.i686.rpm kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm kernel-smp-unsupported-2.4.21-37.EL.i686.rpm kernel-source-2.4.21-37.EL.i386.rpm kernel-unsupported-2.4.21-37.EL.athlon.rpm kernel-unsupported-2.4.21-37.EL.i686.rpm Red Hat Desktop (v. 3) / x86_64 kernel-2.4.21-37.EL.ia32e.rpm kernel-2.4.21-37.EL.x86_64.rpm kernel-doc-2.4.21-37.EL.x86_64.rpm kernel-smp-2.4.21-37.EL.x86_64.rpm kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm kernel-source-2.4.21-37.EL.x86_64.rpm kernel-unsupported-2.4.21-37.EL.ia32e.rpm kernel-unsupported-2.4.21-37.EL.x86_64.rpm Red Hat Enterprise Linux AS (v. 3) / SRPMS kernel-2.4.21-37.EL.src.rpm Red Hat Enterprise Linux AS (v. 3) / IA-32 kernel-2.4.21-37.EL.athlon.rpm kernel-2.4.21-37.EL.i686.rpm kernel-BOOT-2.4.21-37.EL.i386.rpm kernel-doc-2.4.21-37.EL.i386.rpm kernel-hugemem-2.4.21-37.EL.i686.rpm kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm kernel-smp-2.4.21-37.EL.athlon.rpm kernel-smp-2.4.21-37.EL.i686.rpm kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm kernel-smp-unsupported-2.4.21-37.EL.i686.rpm kernel-source-2.4.21-37.EL.i386.rpm kernel-unsupported-2.4.21-37.EL.athlon.rpm kernel-unsupported-2.4.21-37.EL.i686.rpm Red Hat Enterprise Linux AS (v. 3) / IA-64 kernel-2.4.21-37.EL.ia64.rpm kernel-doc-2.4.21-37.EL.ia64.rpm kernel-source-2.4.21-37.EL.ia64.rpm kernel-unsupported-2.4.21-37.EL.ia64.rpm Red Hat Enterprise Linux AS (v. 3) / PPC kernel-2.4.21-37.EL.ppc64iseries.rpm kernel-2.4.21-37.EL.ppc64pseries.rpm kernel-doc-2.4.21-37.EL.ppc64.rpm kernel-source-2.4.21-37.EL.ppc64.rpm kernel-unsupported-2.4.21-37.EL.ppc64iseries.rpm kernel-unsupported-2.4.21-37.EL.ppc64pseries.rpm Red Hat Enterprise Linux AS (v. 3) / s390 kernel-2.4.21-37.EL.s390.rpm kernel-doc-2.4.21-37.EL.s390.rpm kernel-source-2.4.21-37.EL.s390.rpm kernel-unsupported-2.4.21-37.EL.s390.rpm Red Hat Enterprise Linux AS (v. 3) / s390x kernel-2.4.21-37.EL.s390x.rpm kernel-doc-2.4.21-37.EL.s390x.rpm kernel-source-2.4.21-37.EL.s390x.rpm kernel-unsupported-2.4.21-37.EL.s390x.rpm Red Hat Enterprise Linux AS (v. 3) / x86_64 kernel-2.4.21-37.EL.ia32e.rpm kernel-2.4.21-37.EL.x86_64.rpm kernel-doc-2.4.21-37.EL.x86_64.rpm kernel-smp-2.4.21-37.EL.x86_64.rpm kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm kernel-source-2.4.21-37.EL.x86_64.rpm kernel-unsupported-2.4.21-37.EL.ia32e.rpm kernel-unsupported-2.4.21-37.EL.x86_64.rpm Red Hat Enterprise Linux ES (v. 3) / SRPMS kernel-2.4.21-37.EL.src.rpm Red Hat Enterprise Linux ES (v. 3) / IA-32 kernel-2.4.21-37.EL.athlon.rpm kernel-2.4.21-37.EL.i686.rpm kernel-BOOT-2.4.21-37.EL.i386.rpm kernel-doc-2.4.21-37.EL.i386.rpm kernel-hugemem-2.4.21-37.EL.i686.rpm kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm kernel-smp-2.4.21-37.EL.athlon.rpm kernel-smp-2.4.21-37.EL.i686.rpm kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm kernel-smp-unsupported-2.4.21-37.EL.i686.rpm kernel-source-2.4.21-37.EL.i386.rpm kernel-unsupported-2.4.21-37.EL.athlon.rpm kernel-unsupported-2.4.21-37.EL.i686.rpm Red Hat Enterprise Linux ES (v. 3) / IA-64 kernel-2.4.21-37.EL.ia64.rpm kernel-doc-2.4.21-37.EL.ia64.rpm kernel-source-2.4.21-37.EL.ia64.rpm kernel-unsupported-2.4.21-37.EL.ia64.rpm Red Hat Enterprise Linux ES (v. 3) / x86_64 kernel-2.4.21-37.EL.ia32e.rpm kernel-2.4.21-37.EL.x86_64.rpm kernel-doc-2.4.21-37.EL.x86_64.rpm kernel-smp-2.4.21-37.EL.x86_64.rpm kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm kernel-source-2.4.21-37.EL.x86_64.rpm kernel-unsupported-2.4.21-37.EL.ia32e.rpm kernel-unsupported-2.4.21-37.EL.x86_64.rpm Red Hat Enterprise Linux WS (v. 3) / SRPMS kernel-2.4.21-37.EL.src.rpm Red Hat Enterprise Linux WS (v. 3) / IA-32 kernel-2.4.21-37.EL.athlon.rpm kernel-2.4.21-37.EL.i686.rpm kernel-BOOT-2.4.21-37.EL.i386.rpm kernel-doc-2.4.21-37.EL.i386.rpm kernel-hugemem-2.4.21-37.EL.i686.rpm kernel-hugemem-unsupported-2.4.21-37.EL.i686.rpm kernel-smp-2.4.21-37.EL.athlon.rpm kernel-smp-2.4.21-37.EL.i686.rpm kernel-smp-unsupported-2.4.21-37.EL.athlon.rpm kernel-smp-unsupported-2.4.21-37.EL.i686.rpm kernel-source-2.4.21-37.EL.i386.rpm kernel-unsupported-2.4.21-37.EL.athlon.rpm kernel-unsupported-2.4.21-37.EL.i686.rpm Red Hat Enterprise Linux WS (v. 3) / IA-64 kernel-2.4.21-37.EL.ia64.rpm kernel-doc-2.4.21-37.EL.ia64.rpm kernel-source-2.4.21-37.EL.ia64.rpm kernel-unsupported-2.4.21-37.EL.ia64.rpm Red Hat Enterprise Linux WS (v. 3) / x86_64 kernel-2.4.21-37.EL.ia32e.rpm kernel-2.4.21-37.EL.x86_64.rpm kernel-doc-2.4.21-37.EL.x86_64.rpm kernel-smp-2.4.21-37.EL.x86_64.rpm kernel-smp-unsupported-2.4.21-37.EL.x86_64.rpm kernel-source-2.4.21-37.EL.x86_64.rpm kernel-unsupported-2.4.21-37.EL.ia32e.rpm kernel-unsupported-2.4.21-37.EL.x86_64.rpm
Standar resources
Property	Value
CVE	CAN-2005-0179
BID
Other resources
Red Hat Security Advisory RHSA-2005:092-14 https://rhn.redhat.com/errata/RHSA-2005-092.html Red Hat Security Advisory (RHSA-2005:081-11) https://rhn.redhat.com/errata/RHSA-2005-081.html

Version history
Version	Comments	Date
1.0	Aviso emitido	2005-02-21
1.1	Aviso emitido por Red Hat (RHSA-2005:081-11)	2005-10-07

Vulnerability Bulletins

Vulnerabilidad en la función mlockall del kernel de Linux

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history