Bug 106157 (CVE-2005-2548)

Summary:	VUL-0: CVE-2005-2548: kernel: SNMP can crash the 2.6 kernel
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Thomas Biege <thomas>
Component:	Incidents	Assignee:	Hubert Mantel <mantel>
Status:	RESOLVED INVALID	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P5 - None	CC:	patch-request, security-team
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	All
Whiteboard:	CVE-2005-2548: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Found By:	Other	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description Thomas Biege 2005-08-22 13:45:07 UTC

Hi,
a bug in the 2.6 kernel can be used to trigger a denial-of-service attack.

http://www.securityfocus.com/bid/14611/info
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2548

Comment 1 Thomas Biege 2005-08-22 13:46:50 UTC

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309308

Comment 2 Marcus Meissner 2005-08-22 13:59:08 UTC

this is the patch fixing the problem: 
 
http://linux.bkbits.net:8080/linux-2.6/cset%4041422e07NI24ztnqYDv8Uxc_7tbeBg 
 
i verified the 9.2 kernel-source tree and we already have it (late enough 
2.6.9rc was used. ;)

Comment 3 Olaf Kirch 2005-08-22 14:05:51 UTC

In addition to that, this isn't really a security bug. It's so obscure.

Comment 4 Thomas Biege 2009-10-13 20:49:57 UTC

CVE-2005-2548: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)