CVE-2005-3181

Name: CVE-2005-3181
Creator: NVD / NIST
Published: 2005-10-12T13:04:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.50%

Last modified Jun 16, 2026

CVE-2005-3181 is a vulnerability of currently unknown severity. The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).. EPSS estimates a 0.50% chance of exploitation in the next 30 days.

Description

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).

Metrics

EPSS Probability

0.50%

38.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-401

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	>= 2.6.0, <= 2.6.13.3
Canonical	Ubuntu Linux	4.10
Canonical	Ubuntu Linux	5.04
Debian	Debian Linux	3.1
Mandriva	Linux	10.1
Mandriva	Linux	10.2
Mandriva	Linux	2006.0

References

http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcABroken Link
http://secunia.com/advisories/17114Broken Link, Vendor Advisory
http://secunia.com/advisories/17280Broken Link, Vendor Advisory
http://secunia.com/advisories/17364Broken Link, Vendor Advisory
http://secunia.com/advisories/17826Broken Link, Vendor Advisory
http://secunia.com/advisories/17917Broken Link, Vendor Advisory
http://secunia.com/advisories/19374Broken Link, Vendor Advisory
http://www.debian.org/security/2006/dsa-1017Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-808.htmlBroken Link
http://www.securityfocus.com/advisories/9549Broken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/advisories/9806Broken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/archive/1/427980/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/15076Broken Link, Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-199-1Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467Broken Link
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%404346883bQBeBd26syWTKX2CVC5bDcABroken Link
http://secunia.com/advisories/17114Broken Link, Vendor Advisory
http://secunia.com/advisories/17280Broken Link, Vendor Advisory
http://secunia.com/advisories/17364Broken Link, Vendor Advisory
http://secunia.com/advisories/17826Broken Link, Vendor Advisory
http://secunia.com/advisories/17917Broken Link, Vendor Advisory
http://secunia.com/advisories/19374Broken Link, Vendor Advisory
http://www.debian.org/security/2006/dsa-1017Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-808.htmlBroken Link
http://www.securityfocus.com/advisories/9549Broken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/advisories/9806Broken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/archive/1/427980/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/15076Broken Link, Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-199-1Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9467Broken Link

Timeline

Published: Oct 12, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-3181?

How severe is CVE-2005-3181?

Severity scoring for CVE-2005-3181 is pending analysis. The EPSS model estimates a 0.50% probability of exploitation in the next 30 days.

How do I fix CVE-2005-3181?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-3181?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST