Description
The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function.
Product(s):
- Linux Kernel 2.6.0
- Linux Kernel 2.6 test10
- Linux Kernel 2.6 test11
- Linux Kernel 2.6 test1
- Linux Kernel 2.6 test2
- Linux Kernel 2.6 test3
- Linux Kernel 2.6 test4
- Linux Kernel 2.6 test5
- Linux Kernel 2.6 test6
- Linux Kernel 2.6 test7
- Linux Kernel 2.6 test8
- Linux Kernel 2.6 test9
- Linux Kernel 2.6.10
- Linux Kernel 2.6.10 Release Candidate 1
- Linux Kernel 2.6.10 Release Candidate 2
- Linux Kernel 2.6.10 Release Candidate 3
- Linux Kernel 2.6.11
- Linux Kernel 2.6.11 Release Candidate 1
- Linux Kernel 2.6.11 Release Candidate 2
- Linux Kernel 2.6.11 Release Candidate 3
- Linux Kernel 2.6.11 Release Candidate 4
- Linux Kernel 2.6.11 Release Candidate 5
- Linux Kernel 2.6.12 Release Candidate 1
- Linux Kernel 2.6.1
- Linux Kernel 2.6.1 Release Candidate 1
- Linux Kernel 2.6.1 Release Candidate 2
- Linux Kernel 2.6.1 Release Candidate 3
- Linux Kernel 2.6.2
- Linux Kernel 2.6.2 Release Candidate 1
- Linux Kernel 2.6.2 Release Candidate 2
- Linux Kernel 2.6.2 Release Candidate 3
- Linux Kernel 2.6.3
- Linux Kernel 2.6.3 Release Candidate 1
- Linux Kernel 2.6.3 Release Candidate 2
- Linux Kernel 2.6.3 Release Candidate 3
- Linux Kernel 2.6.3 Release Candidate 4
- Linux Kernel 2.6.4
- Linux Kernel 2.6.4 Release Candidate 1
- Linux Kernel 2.6.4 Release Candidate 2
- Linux Kernel 2.6.4 Release Candidate 3
- Linux Kernel 2.6.5
- Linux Kernel 2.6.5 Release Candidate 1
- Linux Kernel 2.6.5 Release Candidate 2
- Linux Kernel 2.6.5 Release Candidate 3
- Linux Kernel 2.6.6
- Linux Kernel 2.6.6 Release Candidate 1
- Linux Kernel 2.6.6 Release Candidate 2
- Linux Kernel 2.6.6 Release Candidate 3
- Linux Kernel 2.6.7
- Linux Kernel 2.6.7 Release Candidate 1
- Linux Kernel 2.6.7 Release Candidate 2
- Linux Kernel 2.6.7 Release Candidate 3
- Linux Kernel 2.6.8.1
- Linux Kernel 2.6.8
- Linux Kernel 2.6.8 Release Candidate 1
- Linux Kernel 2.6.8 Release Candidate 2
- Linux Kernel 2.6.8 Release Candidate 3
- Linux Kernel 2.6.8 Release Candidate 4
- Linux Kernel 2.6.9 2.6.20
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-1369, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-1369 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.