Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4605

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-4605
Last Modified 21 Aug 2010 12:36:24
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4605

Summary

The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.15


References

CONFIRM - http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8b90db0df7187a01fb7177f1f812123138f562cf

FULLDISC - 20051223 linux procfs vulnerablity

CONFIRM - http://linux.bkbits.net:8080/linux-2.6/gnupatch@43b562ae6hJGLWZA4TNf2k-RzXnVlQ

CONFIRM - http://linux.bkbits.net:8080/linux-2.6/cset@43b562ae6hJGLWZA4TNf2k-RzXnVlQ

XF - linux-procfs-information-disclosure(23811)

UBUNTU - USN-244-1

BID - 16284

FEDORA - FLSA:157459-4

REDHAT - RHSA-2006:0101

CONFIRM - http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00014.html

SUSE - SUSE-SA:2006:006

MANDRIVA - MDKSA-2006:040

DEBIAN - DSA-1017

SECUNIA - 19374

SECUNIA - 19038

SECUNIA - 18788

SECUNIA - 18527

SECUNIA - 18510

SECUNIA - 18351

SECUNIA - 18216

SUSE - SUSE-SA:2006:012


Last Updated: 27 May 2016 10:41:22