CVE-2005-0977 : The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argum

The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.

Published 2005-05-02 04:00:00

Updated 2018-10-19 15:31:30

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2005-0977

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-0977

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2005-0977

Products affected by CVE-2005-0977

Linux » Linux Kernel » Version: 2.6.8.1.5
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Amd64 Xeon Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_xeon:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 K7 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 386 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:386:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 686 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 K7 Smp Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7_smp:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Power3 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Power3 Smp Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3_smp:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 686 Smp Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686_smp:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Amd64 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Power4 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Power4 Smp Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4_smp:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Amd64 K8 Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Amd64 K8 Smp Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8_smp:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Powerpc Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8.1.5 Powerpc Smp Edition
cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc_smp:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-0977

Exploit prediction scoring system (EPSS) score for CVE-2005-0977

CVSS scores for CVE-2005-0977

References for CVE-2005-0977

Products affected by CVE-2005-0977