Kernel Denial of Service and Code Execution Vulnerability in Linux 2.6.14.1

Kernel Denial of Service and Code Execution Vulnerability in Linux 2.6.14.1

CVE-2005-2709 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.