| Name | CVE-2005-1768 |
| Description | Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DSA-921-1 |
| Debian Bugs | 319629 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| kernel-image-2.4.27-alpha | source | sarge | 2.4.27-10sarge1 | DSA-921-1 | ||
| kernel-image-2.4.27-arm | source | sarge | 2.4.27-2sarge1 | DSA-921-1 | ||
| kernel-image-2.4.27-i386 | source | sarge | 2.4.27-10sarge1 | DSA-921-1 | ||
| kernel-image-2.4.27-ia64 | source | sarge | 2.4.27-10sarge1 | DSA-921-1 | ||
| kernel-image-2.4.27-m68k | source | sarge | 2.4.27-3sarge1 | DSA-921-1 | ||
| kernel-image-2.4.27-s390 | source | sarge | 2.4.27-2sarge1 | DSA-921-1 | ||
| kernel-image-2.4.27-sparc | source | sarge | 2.4.27-9sarge1 | DSA-921-1 | ||
| kernel-patch-2.4.27-arm | source | sarge | 2.4.27-1sarge1 | DSA-921-1 | ||
| kernel-patch-2.4.27-mips | source | sarge | 2.4.27-10.sarge1.040815-1 | DSA-921-1 | ||
| kernel-patch-powerpc-2.4.27 | source | sarge | 2.4.27-10sarge1 | DSA-921-1 | ||
| kernel-source-2.4.27 | source | sarge | 2.4.27-10sarge1 | DSA-921-1 | ||
| kernel-source-2.4.27 | source | (unstable) | 2.4.27-11 | medium | 319629 |