Oval Definition:	oval:org.mitre.oval:def:9954
Revision Date: 2014-06-09 Version: 14 Title: Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error. Description: Memory leak in the seq_file implemenetation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-2800 Platform(s): CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 4 Product(s): Definition Synopsis RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 OR CentOS Linux 4.x OR Oracle Linux 4.x AND Configuration section kernel-smp-devel is earlier than 0:2.6.9-22.0.2.EL OR kernel-hugemem is earlier than 0:2.6.9-22.0.2.EL OR kernel-devel is earlier than 0:2.6.9-22.0.2.EL OR kernel is earlier than 0:2.6.9-22.0.2.EL OR kernel-hugemem-devel is earlier than 0:2.6.9-22.0.2.EL OR kernel-doc is earlier than 0:2.6.9-22.0.2.EL OR kernel-smp is earlier than 0:2.6.9-22.0.2.EL
BACK