Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 3
kernel-0:2.4.21-47.EL cpe:/o:redhat:enterprise_linux:3 RHSA-2006:0437 2006-07-20T00:00:00Z
Red Hat Enterprise Linux 4
kernel-0:2.6.9-42.EL cpe:/o:redhat:enterprise_linux:4 RHSA-2006:0575 2006-08-10T00:00:00Z
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2006:0579 2006-07-13T00:00:00Z
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2006:0580 2006-07-13T00:00:00Z
Red Hat Enterprise Linux ES version 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2006:0579 2006-07-13T00:00:00Z
Red Hat Enterprise Linux WS version 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2006:0579 2006-07-13T00:00:00Z
Red Hat Linux Advanced Workstation 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2006:0580 2006-07-13T00:00:00Z
References
Link Providers
http://marc.info/?l=linux-kernel&m=112766129313883 cve-icon cve-icon
http://secunia.com/advisories/17826 cve-icon cve-icon
http://secunia.com/advisories/17917 cve-icon cve-icon
http://secunia.com/advisories/17918 cve-icon cve-icon
http://secunia.com/advisories/19374 cve-icon cve-icon
http://secunia.com/advisories/21035 cve-icon cve-icon
http://secunia.com/advisories/21136 cve-icon cve-icon
http://secunia.com/advisories/21465 cve-icon cve-icon
http://secunia.com/advisories/21983 cve-icon cve-icon
http://secunia.com/advisories/22417 cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm cve-icon cve-icon
http://www.debian.org/security/2006/dsa-1017 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0437.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0575.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0579.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2006-0580.html cve-icon cve-icon
http://www.securityfocus.com/advisories/9806 cve-icon cve-icon
http://www.securityfocus.com/archive/1/419522/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/14955 cve-icon cve-icon
http://www.vupen.com/english/advisories/2005/1863 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2005-3055 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9472 cve-icon cve-icon
https://usn.ubuntu.com/219-1/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2005-3055 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2005-09-26T04:00:00

Updated: 2024-08-07T22:53:30.382Z

Reserved: 2005-09-26T00:00:00

Link: CVE-2005-3055

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-09-26T19:03:00.000

Modified: 2024-11-21T00:01:01.410

Link: CVE-2005-3055

cve-icon Redhat

Severity : Moderate

Publid Date: 2005-09-25T00:00:00Z

Links: CVE-2005-3055 - Bugzilla