Incorrect Return Value in huft_build Function in Linux Kernel

Incorrect Return Value in huft_build Function in Linux Kernel

CVE-2005-2459 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.