Race Condition in Linux Kernel on Multiprocessor Systems
CVE-2005-0001

Currently unrated

Key Information:

Vendor: Linux
Status: Linux Kernel; Enterprise Linux; Enterprise Linux Desktop; Secure Linux
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-0001?

A race condition exists in the page fault handler of the Linux Kernel, specifically impacting versions 2.2.x through 2.2.7, 2.4 up to 2.4.29, and 2.6 up to 2.6.10. When the kernel is run on multiprocessor hardware, local users can exploit this flaw to execute arbitrary code. This is achievable when multiple threads share the same virtual memory space, leading to simultaneous requests for stack expansion. Proper mitigation strategies are essential to safeguard systems from potential exploits driven by this vulnerability.

References

http://secunia.com/advisories/20163

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/13822

third-party-advisoryx_refsource_SECUNIA

http://www.debian.org/security/2006/dsa-1082

vendor-advisoryx_refsource_DEBIAN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Jan 3, 2005