CVE-2005-3180

Published: October 12, 2005Last modified: November 10, 2023

Description

The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.

Status

References

• http://marc.info/?l=bugtraq&m=112914754708402&w=2
• http://secunia.com/advisories/17114
• http://secunia.com/advisories/17280
• http://secunia.com/advisories/17364
• http://secunia.com/advisories/17826
• http://secunia.com/advisories/17917
• http://secunia.com/advisories/17918
• http://secunia.com/advisories/18562
• http://secunia.com/advisories/18684
• http://secunia.com/advisories/19374
• http://securityreason.com/securityalert/75
• http://www.debian.org/security/2006/dsa-1017
• http://www.kernel.org/hg/linux-2.6/?cmd=changeset%3Bnode=feecb2ffde28639e60ede769c6f817dc536c677b
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
• http://www.redhat.com/support/errata/RHSA-2005-808.html
• http://www.redhat.com/support/errata/RHSA-2006-0140.html
• http://www.redhat.com/support/errata/RHSA-2006-0190.html
• http://www.redhat.com/support/errata/RHSA-2006-0191.html
• http://www.securityfocus.com/advisories/9549
• http://www.securityfocus.com/advisories/9806
• http://www.securityfocus.com/archive/1/419522/100/0/threaded
• http://www.securityfocus.com/archive/1/427980/100/0/threaded
• http://www.securityfocus.com/archive/1/428028/100/0/threaded
• http://www.securityfocus.com/archive/1/428058/100/0/threaded
• http://www.securityfocus.com/bid/15085
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11332
• https://usn.ubuntu.com/219-1/