Memory Leak Vulnerability in Linux Kernel 2.6.6 and Earlier Versions

Memory Leak Vulnerability in Linux Kernel 2.6.6 and Earlier Versions

CVE-2005-3181 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.