published date: February 22, 2005

CVE-2005-0937 : Some futex functions in...

Description

Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions.

Product(s):

Linux Kernel 2.5.0
Linux Kernel 2.5.10
Linux Kernel 2.5.11
Linux Kernel 2.5.12
Linux Kernel 2.5.13
Linux Kernel 2.5.14
Linux Kernel 2.5.15
Linux Kernel 2.5.16
Linux Kernel 2.5.17
Linux Kernel 2.5.18
Linux Kernel 2.5.19
Linux Kernel 2.5.1
Linux Kernel 2.5.20
Linux Kernel 2.5.21
Linux Kernel 2.5.22
Linux Kernel 2.5.23
Linux Kernel 2.5.24
Linux Kernel 2.5.25
Linux Kernel 2.5.26
Linux Kernel 2.5.27
Linux Kernel 2.5.28
Linux Kernel 2.5.29
Linux Kernel 2.5.2
Linux Kernel 2.5.30
Linux Kernel 2.5.31
Linux Kernel 2.5.32
Linux Kernel 2.5.33
Linux Kernel 2.5.34
Linux Kernel 2.5.35
Linux Kernel 2.5.36
Linux Kernel 2.5.37
Linux Kernel 2.5.38
Linux Kernel 2.5.39
Linux Kernel 2.5.3
Linux Kernel 2.5.40
Linux Kernel 2.5.41
Linux Kernel 2.5.42
Linux Kernel 2.5.43
Linux Kernel 2.5.44
Linux Kernel 2.5.45
Linux Kernel 2.5.46
Linux Kernel 2.5.47
Linux Kernel 2.5.48
Linux Kernel 2.5.49
Linux Kernel 2.5.4
Linux Kernel 2.5.50
Linux Kernel 2.5.51
Linux Kernel 2.5.52
Linux Kernel 2.5.53
Linux Kernel 2.5.54
Linux Kernel 2.5.55
Linux Kernel 2.5.56
Linux Kernel 2.5.57
Linux Kernel 2.5.58
Linux Kernel 2.5.59
Linux Kernel 2.5.5
Linux Kernel 2.5.60
Linux Kernel 2.5.61
Linux Kernel 2.5.62
Linux Kernel 2.5.63
Linux Kernel 2.5.64
Linux Kernel 2.5.65
Linux Kernel 2.5.66
Linux Kernel 2.5.67
Linux Kernel 2.5.68
Linux Kernel 2.5.69
Linux Kernel 2.5.6
Linux Kernel 2.5.7
Linux Kernel 2.5.8
Linux Kernel 2.5.9
Linux Kernel 2.6.0
Linux Kernel 2.6 test10
Linux Kernel 2.6 test11
Linux Kernel 2.6 test1
Linux Kernel 2.6 test2
Linux Kernel 2.6 test3
Linux Kernel 2.6 test4
Linux Kernel 2.6 test5
Linux Kernel 2.6 test6
Linux Kernel 2.6 test7
Linux Kernel 2.6 test8
Linux Kernel 2.6 test9
Linux Kernel 2.6.10
Linux Kernel 2.6.10 Release Candidate 1
Linux Kernel 2.6.10 Release Candidate 2
Linux Kernel 2.6.10 Release Candidate 3
Linux Kernel 2.6.11.5
Linux Kernel 2.6.11.6
Linux Kernel 2.6.11
Linux Kernel 2.6.11 Release Candidate 1
Linux Kernel 2.6.11 Release Candidate 2
Linux Kernel 2.6.11 Release Candidate 3
Linux Kernel 2.6.11 Release Candidate 4
Linux Kernel 2.6.11 Release Candidate 5
Linux Kernel 2.6.1
Linux Kernel 2.6.1 Release Candidate 1
+40 additional

CVSS:1.2 [Critical]
EPSS:0.06%
Exploitability:1.9
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2005-0937, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2005-0937 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2005-0937

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales