CVE-2005-1264
Advisory lineage Upstream: 0 Downstream: 1
Downstream
Modified
Published: 17 May 2005, 04:00
Last modified:07 Aug 2024, 21:44
Vulnerability Summary
Overall Risk (default)
medium
39/100 CVSS Score
7.2 HIGH
v2.0 (nvd)
EPSS Score
0.06% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected
Timeline
17 May 2005, 04:00
Published
Vulnerability first disclosed
07 Aug 2024, 21:44
Last Modified
Vulnerability information updated
Description
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.
CVSS Metrics
- v2.0•HIGH•Score: 7.2AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS Trends
Current EPSS score: 0.06%• Percentile: 19%
Affected Systems
- linux•linux_kernel
2.6.0 | 2.6.0:test1 | 2.6.0:test10 | 2.6.0:test11 | 2.6.0:test2 | 2.6.0:test3 | 2.6.0:test4 | 2.6.0:test5 | 2.6.0:test6 | 2.6.0:test7 | 2.6.0:test8 | 2.6.0:test9 | 2.6.1 | 2.6.1:rc1 | 2.6.1:rc2 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.6:rc1 | 2.6.7 | 2.6.7:rc1 | 2.6.8 | 2.6.8:rc1 | 2.6.8:rc2 | 2.6.8:rc3 | 2.6.9:2.6.20 | 2.6_test9_cvs
References (9)
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10264
- http://www.vupen.com/english/advisories/2005/0557
- http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html
- http://www.securityfocus.com/bid/13651
- http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html
- http://www.redhat.com/support/errata/RHSA-2005-420.html
- http://www.securityfocus.com/archive/1/427980/100/0/threaded
- http://marc.info/?l=linux-kernel&m=111630512512222