What is the severity of CVE-2005-2098?

CVE-2005-2098 is classified as a high-severity vulnerability due to its potential to cause denial of service (semaphore hang).

How do I fix CVE-2005-2098?

To fix CVE-2005-2098, update the Linux kernel to version 2.6.12.5 or later, where the vulnerability is patched.

Who can exploit CVE-2005-2098?

Both local users and remote attackers can exploit CVE-2005-2098 to cause a denial of service.

What kind of denial of service does CVE-2005-2098 cause?

CVE-2005-2098 can cause a denial of service by resulting in a semaphore hang, disrupting the session keyring management.

Vulnerability/
CVE-2005-2098

medium

CWE

NVD-CWE-Other

22/8/2005

7/8/2024

CVE-2005-2098

First published: Mon Aug 22 2005(Updated: )

The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux kernel	=2.6.11-rc3
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.11
Linux kernel	=2.6.12-rc1
Linux kernel	=2.6.12-rc4
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.11.2
Linux kernel	=2.6.5
Linux kernel	=2.6.1
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.11.8
Linux kernel	=2.6.11_rc1_bk6
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.10
Linux kernel	=2.6.11.6
Linux kernel	=2.6.0-test5
Linux kernel	=2.6.3
Linux kernel	=2.6.0-test2
Linux kernel	=2.6.4
Linux kernel	=2.6_test9_cvs
Linux kernel	=2.6.11.5
Linux kernel	=2.6.7-rc1
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.2
Linux kernel	=2.6.8-rc1
Linux kernel	=2.6.0-test11
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.1-rc2
Linux kernel	=2.6.11-rc4
Linux kernel	=2.6.8
Linux kernel	=2.6.0-test1
Linux kernel	=2.6.0-test6
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.10-rc2
Linux kernel	=2.6.0-test4
Linux kernel	=2.6.0
Linux kernel	=2.6.0-test10
Linux kernel	=2.6.0-test9
Linux kernel	=2.6.11.3
Linux kernel	=2.6.7
Linux kernel	=2.6.11-rc2
Linux kernel	=2.6.1-rc1
Linux kernel	=2.6.6-rc1
Linux kernel	=2.6.9-2.6.20
Linux kernel	=2.6.11.7
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.0-test7
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8.1
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8-rc2
Linux kernel	=2.6.8.1.5
Linux kernel	=2.6.8-rc3
Linux kernel	=2.6.11.4
Linux kernel	=2.6.0-test8
Linux kernel	=2.6.11.1
Linux kernel	=2.6.6
Linux kernel	=2.6.0-test3

Remedy

http://secunia.com/advisories/16355/

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-2098?
CVE-2005-2098 is classified as a high-severity vulnerability due to its potential to cause denial of service (semaphore hang).
How do I fix CVE-2005-2098?
To fix CVE-2005-2098, update the Linux kernel to version 2.6.12.5 or later, where the vulnerability is patched.
What does CVE-2005-2098 affect?
CVE-2005-2098 affects the KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel versions prior to 2.6.12.5.
Who can exploit CVE-2005-2098?
Both local users and remote attackers can exploit CVE-2005-2098 to cause a denial of service.
What kind of denial of service does CVE-2005-2098 cause?
CVE-2005-2098 can cause a denial of service by resulting in a semaphore hang, disrupting the session keyring management.

agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/linux
canonical/linux kernel
version/linux kernel/2.6.0
version/linux kernel/2.6.0-test1
version/linux kernel/2.6.0-test10
version/linux kernel/2.6.0-test11
version/linux kernel/2.6.0-test2
version/linux kernel/2.6.0-test3
version/linux kernel/2.6.0-test4
version/linux kernel/2.6.0-test5
version/linux kernel/2.6.0-test6
version/linux kernel/2.6.0-test7
version/linux kernel/2.6.0-test8
version/linux kernel/2.6.0-test9
version/linux kernel/2.6.1
version/linux kernel/2.6.1-rc1
version/linux kernel/2.6.1-rc2
version/linux kernel/2.6.2
version/linux kernel/2.6.3
version/linux kernel/2.6.4
version/linux kernel/2.6.5
version/linux kernel/2.6.6
version/linux kernel/2.6.6-rc1
version/linux kernel/2.6.7
version/linux kernel/2.6.7-rc1
version/linux kernel/2.6.8
version/linux kernel/2.6.8-rc1
version/linux kernel/2.6.8-rc2
version/linux kernel/2.6.8-rc3
version/linux kernel/2.6.8.1
version/linux kernel/2.6.8.1.5
version/linux kernel/2.6.9-2.6.20
version/linux kernel/2.6.10
version/linux kernel/2.6.10-rc2
version/linux kernel/2.6.11
version/linux kernel/2.6.11-rc2
version/linux kernel/2.6.11-rc3
version/linux kernel/2.6.11-rc4
version/linux kernel/2.6.11.1
version/linux kernel/2.6.11.2
version/linux kernel/2.6.11.3
version/linux kernel/2.6.11.4
version/linux kernel/2.6.11.5
version/linux kernel/2.6.11.6
version/linux kernel/2.6.11.7
version/linux kernel/2.6.11.8
version/linux kernel/2.6.11_rc1_bk6
version/linux kernel/2.6.12-rc1
version/linux kernel/2.6.12-rc4
version/linux kernel/2.6_test9_cvs

CVE-2005-2098

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-2098?

How do I fix CVE-2005-2098?

What does CVE-2005-2098 affect?

Who can exploit CVE-2005-2098?

What kind of denial of service does CVE-2005-2098 cause?

Company

Resources

Contact