cvelistv5 - cve-2005-1589

CVE-2005-1589 (GCVE-0-2005-1589)

Vulnerability from cvelistv5

Published

2005-05-17 04:00

Modified

2024-08-07 21:59

Severity ?

CWE

Summary

The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264.

References

URL

Tags

cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html
cve@mitre.org	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10
cve@mitre.org	http://marc.info/?l=linux-kernel&m=111630531515901&w=2
cve@mitre.org	http://secunia.com/advisories/17826
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
cve@mitre.org	http://www.securityfocus.com/bid/13651
cve@mitre.org	http://www.vupen.com/english/advisories/2005/0557
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html
af854a3a-2127-422b-91ae-364da2661108	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=linux-kernel&m=111630531515901&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17826
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13651
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/0557

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:22.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
          },
          {
            "name": "[linux-kernel] 20050517 [PATCH] Fix root hole in pktcdvd",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
          },
          {
            "name": "ADV-2005-0557",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/0557"
          },
          {
            "name": "20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
          },
          {
            "name": "13651",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13651"
          },
          {
            "name": "20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
          },
          {
            "name": "20050517 Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected]",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
          },
          {
            "name": "17826",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17826"
          },
          {
            "name": "MDKSA-2005:219",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-17T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
        },
        {
          "name": "[linux-kernel] 20050517 [PATCH] Fix root hole in pktcdvd",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
        },
        {
          "name": "ADV-2005-0557",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/0557"
        },
        {
          "name": "20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
        },
        {
          "name": "13651",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13651"
        },
        {
          "name": "20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
        },
        {
          "name": "20050517 Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected]",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
        },
        {
          "name": "17826",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17826"
        },
        {
          "name": "MDKSA-2005:219",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1589",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10",
              "refsource": "CONFIRM",
              "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
            },
            {
              "name": "[linux-kernel] 20050517 [PATCH] Fix root hole in pktcdvd",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
            },
            {
              "name": "ADV-2005-0557",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/0557"
            },
            {
              "name": "20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
            },
            {
              "name": "13651",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13651"
            },
            {
              "name": "20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
            },
            {
              "name": "20050517 Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected]",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
            },
            {
              "name": "17826",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17826"
            },
            {
              "name": "MDKSA-2005:219",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1589",
    "datePublished": "2005-05-17T04:00:00",
    "dateReserved": "2005-05-16T00:00:00",
    "dateUpdated": "2024-08-07T21:59:22.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-1589\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-05-17T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:rc4:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.12\",\"matchCriteriaId\":\"64C51EA6-1658-4B37-8C49-20F3830FACE8\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/17826\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2005:219\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/13651\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/0557\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2005:219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/13651\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/0557\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2005-AVI-497

Vulnerability from certfr_avis

None

Description

Tous les éditeurs Linux ont procédé à une mise à jour des noyaux inclus dans les distributions maintenues. Chacun utilisant une version source différente et des ajouts spécifiques, aucun risque commun ne peut être identifié au-delà du déni de service local. Les distributions Ubuntu, Mandriva et Red Hat ont cependant identifié un risque d'élévation de privilèges pour un utilisateur local.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Tout système utilisant un noyau Linux.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SuSE-SA:2005:067 du 06 décembre 2005 :	-	other
Bulletin de sécurité Mandriva MDKSA-2005:219 du 30 novembre 2005 (10.1) :	-	other
Bulletin de sécurité Mandriva MDKSA-2005:235 du 21 décembre 2005 (2006.0) :	-	other
Bulletin de sécurité RedHat RHSA-2005:663 du 28 septembre 2005 :	-	other
Bulletin de sécurité Mandriva MDKSA-2005:218 du 30 novembre 2005 (CS3.0 et MNF2.0) :	-	other
Bulletin de sécurité Ubuntu USN-219-1 du 22 novembre 2005 :	-	other
Bulletin de sécurité Debian DSA 921 du 14 décembre 2005 :	-	other
Bulletin de sécurité RedHat RHSA-2005:808 du 27 octobre 2005 :	-	other
Bulletin de sécurité SUSE SuSE-SA:2005:068 du 14 décembre 2005 :	-	other
Bulletin de sécurité Mandriva MDKSA-2005:220 du 30 novembre 2005 (10.2) :	-	other
Mise à jour de sécurité Fedora Core 4 #1138 du 13 décembre 2005 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0144 du 15 mars 2006 :	-	other
Bulletin de sécurité Debian DSA 922 du 14 décembre 2005 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTout syst\u00e8me utilisant un noyau \u003cTT\u003eLinux\u003c/TT\u003e.\u003c/P\u003e",
  "content": "## Description\n\nTous les \u00e9diteurs Linux ont proc\u00e9d\u00e9 \u00e0 une mise \u00e0 jour des noyaux inclus\ndans les distributions maintenues. Chacun utilisant une version source\ndiff\u00e9rente et des ajouts sp\u00e9cifiques, aucun risque commun ne peut \u00eatre\nidentifi\u00e9 au-del\u00e0 du d\u00e9ni de service local. Les distributions Ubuntu,\nMandriva et Red Hat ont cependant identifi\u00e9 un risque d\u0027\u00e9l\u00e9vation de\nprivil\u00e8ges pour un utilisateur local.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2005-0504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0504"
    },
    {
      "name": "CVE-2005-2490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2490"
    },
    {
      "name": "CVE-2005-3053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3053"
    },
    {
      "name": "CVE-2005-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0136"
    },
    {
      "name": "CVE-2005-2801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2801"
    },
    {
      "name": "CVE-2005-3044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3044"
    },
    {
      "name": "CVE-2005-2553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2553"
    },
    {
      "name": "CVE-2005-2456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2456"
    },
    {
      "name": "CVE-2005-3806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3806"
    },
    {
      "name": "CVE-2005-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3660"
    },
    {
      "name": "CVE-2005-3274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3274"
    },
    {
      "name": "CVE-2005-2458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2458"
    },
    {
      "name": "CVE-2005-0179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0179"
    },
    {
      "name": "CVE-2005-3807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3807"
    },
    {
      "name": "CVE-2005-1761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1761"
    },
    {
      "name": "CVE-2005-2709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2709"
    },
    {
      "name": "CVE-2005-2873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2873"
    },
    {
      "name": "CVE-2005-3257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3257"
    },
    {
      "name": "CVE-2005-3107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3107"
    },
    {
      "name": "CVE-2004-1056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2004-1056"
    },
    {
      "name": "CVE-2005-2459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2459"
    },
    {
      "name": "CVE-2005-2555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2555"
    },
    {
      "name": "CVE-2005-3527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3527"
    },
    {
      "name": "CVE-2005-0756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0756"
    },
    {
      "name": "CVE-2005-0180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0180"
    },
    {
      "name": "CVE-2005-3119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3119"
    },
    {
      "name": "CVE-2005-2800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2800"
    },
    {
      "name": "CVE-2005-1765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1765"
    },
    {
      "name": "CVE-2005-2872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2872"
    },
    {
      "name": "CVE-2005-1764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1764"
    },
    {
      "name": "CVE-2005-3181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3181"
    },
    {
      "name": "CVE-2005-1589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1589"
    },
    {
      "name": "CVE-2004-2302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2004-2302"
    },
    {
      "name": "CVE-2005-1041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1041"
    },
    {
      "name": "CVE-2005-2099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2099"
    },
    {
      "name": "CVE-2005-3180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3180"
    },
    {
      "name": "CVE-2005-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0815"
    },
    {
      "name": "CVE-2005-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1767"
    },
    {
      "name": "CVE-2005-3805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3805"
    },
    {
      "name": "CVE-2005-3273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3273"
    },
    {
      "name": "CVE-2005-3275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3275"
    },
    {
      "name": "CVE-2005-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1762"
    },
    {
      "name": "CVE-2005-3784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3784"
    },
    {
      "name": "CVE-2005-0757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0757"
    },
    {
      "name": "CVE-2005-2098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2098"
    },
    {
      "name": "CVE-2005-3179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3179"
    },
    {
      "name": "CVE-2004-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2004-0181"
    },
    {
      "name": "CVE-2005-1265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1265"
    },
    {
      "name": "CVE-2005-3055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3055"
    },
    {
      "name": "CVE-2005-0400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0400"
    },
    {
      "name": "CVE-2005-3272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3272"
    },
    {
      "name": "CVE-2005-1768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1768"
    },
    {
      "name": "CVE-2005-3783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3783"
    },
    {
      "name": "CVE-2005-2548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2548"
    },
    {
      "name": "CVE-2005-3110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3110"
    },
    {
      "name": "CVE-2005-1763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1763"
    },
    {
      "name": "CVE-2005-0449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0449"
    },
    {
      "name": "CVE-2005-3276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3276"
    },
    {
      "name": "CVE-2005-2973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2973"
    },
    {
      "name": "CVE-2005-3106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3106"
    },
    {
      "name": "CVE-2005-0210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0210"
    },
    {
      "name": "CVE-2005-3271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3271"
    },
    {
      "name": "CVE-2005-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3108"
    },
    {
      "name": "CVE-2005-3105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3105"
    },
    {
      "name": "CVE-2005-2457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2457"
    },
    {
      "name": "CVE-2005-2492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2492"
    },
    {
      "name": "CVE-2005-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0124"
    },
    {
      "name": "CVE-2005-3109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3109"
    }
  ],
  "initial_release_date": "2005-12-22T00:00:00",
  "last_revision_date": "2006-03-16T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SuSE-SA:2005:067 du 06 d\u00e9cembre    2005 :",
      "url": "http://www.novell.com/linux/security/advisories/2005_67_kernel.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:219 du 30 novembre    2005 (10.1) :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:219"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:235 du 21 d\u00e9cembre    2005 (2006.0) :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:235"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:663 du 28 septembre    2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-663.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:218 du 30 novembre    2005 (CS3.0 et MNF2.0) :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:218"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-219-1 du 22 novembre 2005 :",
      "url": "http://www.ubuntulinux.org/usn/usn-219-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 921 du 14 d\u00e9cembre 2005 :",
      "url": "http://www.debian.org/security/2005/dsa-921"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:808 du 27 octobre    2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-808.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SuSE-SA:2005:068 du 14 d\u00e9cembre    2005 :",
      "url": "http://www.novell.com/linux/security/advisories/2005_68_kernel.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:220 du 30 novembre    2005 (10.2) :",
      "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:220"
    },
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 4 #1138 du 13 d\u00e9cembre    2005 :",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2005-December/msg0034.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0144 du 15 mars 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0144.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 922 du 14 d\u00e9cembre 2005 :",
      "url": "http://www.debian.org/security/2005/dsa-922"
    }
  ],
  "reference": "CERTA-2005-AVI-497",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2005-12-22T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence CVE CAN-2005-3660.",
      "revision_date": "2005-12-29T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0144.",
      "revision_date": "2006-03-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Mise \u00e0 jour des noyaux des distributions Linux",
  "vendor_advisories": []
}

CERTA-2005-AVI-174

Vulnerability from certfr_avis

Plusieurs failles ont été identifiées dans le code du noyau Linux et font l'objet de correctifs de la part des éditeurs.

Description

On peut recenser de nombreux correctifs, variables avec les éditeurs, les plus critiques correspondant à des configurations courantes sont décrits ci-dessous :

CAN-2005-0209 : l'architecture de filtrage netfilter gère mal certaines cartes réseau et un déni de service peut être obtenu à l'aide de paquets IP fragmentés volontairement mal formés.
CAN-2005-0400 : une mauvaise initialisation lors de la création d'un répertoire sous le système de fichiers ext2 divulgue des données de l'espace noyau qui peuvent s'avérer sensibles.
CAN-2005-0449 : une mauvaise gestion de la file d'attente des paquets fragmentés permet à un utilisateur mal intentionné d'effectuer un déni de service moyennant une connaissance des règles de filtrage configurées dans netfilter.
CAN-2005-0529 : il est possible de réaliser un débordement de tampon dans la pile en accédant au pseudo système de fichiers proc.
CAN-2005-0530 : il est possible de lire la mémoire du noyau suite à une erreur dans le gestionnaire de terminal.
CAN-2005-0749 : un utilisateur local mal intentionné peut tenter d'exécuter un programme, au format standard ELF, volontairement mal formé pour provoquer un accès mémoire illégal et bloquer le noyau.
CAN-2005-0750 : une faille dans la pile du gestionnaire de protocole sans fil Bluetooth peut être utilisée pour exécuter du code arbitraire avec les privilèges (tous) du noyau.
CAN-2005-0815 : un cédérom avec un système de fichiers standard ISO-9660 volontairement mal formé peut provoquer un déni de service, voire provoquer l'exécution de code arbitraire, lors de son montage.
CAN-2005-1041 : un utilisateur local mal intentionné peut provoquer un déni de service moyennant l'accès au pseudo-fichier /proc/net/route.
CAN-2005-1263 : un fichier binaire ELF volontairement mal formé permet d'exécuter du code arbitraire avec les privilèges du noyau lors d'un vidage mémoire (« coredump » souvent autorisé pour les utilisateurs courants).
CAN-2005-1264 : l'accès pour un utilisateur local à un périphérique de type caractère en mode brut (« raw ») peut être utilisé pour modifier l'espace du noyau avec le risque d'exécution de code arbitraire.
CAN-2005-1589 : un problème identique existe dans le gestionnaire de type bloc des graveurs de cédéroms et dévédéroms.

Solution

Consulter le bulletin de l'éditeur pour l'obtention d'un correctif (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	N/A	N/A	Potentiellement tout système utilisant un noyau Linux en versions 2.2, 2.4 ou 2.6.

References

Title

Publication Time

Tags

Bulletins de sécurité SuSE SUSE-SA:2005:018 du 24 mars 2005, SUSE-SA:2005:021 du 04 avril 2005 et SUSE-SA:2005:029 du 09 juin 2005 :	-	other
Bulletins de sécurité SuSE SUSE-SA:2005:018 du 24 mars 2005, SUSE-SA:2005:021 du 04 avril 2005 et SUSE-SA:2005:029 du 09 juin 2005 :	-	other
versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 :	-	other
versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 :	-	other
Bulletins de sécurité Red Hat Linux : versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 : versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 : versions 4, RHSA-2005:366 du 19 avril 2005 :	-	other
Bulletins de sécurité Red Hat Linux : versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 : versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 : versions 4, RHSA-2005:366 du 19 avril 2005 :	-	other
versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 :	-	other
versions 4, RHSA-2005:366 du 19 avril 2005 :	-	other
Bulletins de sécurité SuSE SUSE-SA:2005:018 du 24 mars 2005, SUSE-SA:2005:021 du 04 avril 2005 et SUSE-SA:2005:029 du 09 juin 2005 :	-	other
Bulletins de sécurité Red Hat Linux : versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 : versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 : versions 4, RHSA-2005:366 du 19 avril 2005 :	-	other
Bulletins de sécurité Red Hat Linux : versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 : versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 : versions 4, RHSA-2005:366 du 19 avril 2005 :	-	other
Bulletin de sécurité Avaya ASA-2005-120 du 2 juin 2005 :	-	other
versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 :	-	other
Les sources du noyau Linux 2.6.11.10 et postérieures corrigent ces vulnérabilités :	-	other
Bulletins de sécurité Red Hat Linux : versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28 avril 2005 : versions 3, RHSA-2005:293 du 22 avril 2005 et RHSA-2005:472 du 25 mai 2005 : versions 4, RHSA-2005:366 du 19 avril 2005 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Potentiellement tout syst\u00e8me utilisant un noyau Linux en versions 2.2, 2.4 ou 2.6.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Description\n\nOn peut recenser de nombreux correctifs, variables avec les \u00e9diteurs,\nles plus critiques correspondant \u00e0 des configurations courantes sont\nd\u00e9crits ci-dessous :\n\n-   CAN-2005-0209 : l\u0027architecture de filtrage netfilter g\u00e8re mal\n    certaines cartes r\u00e9seau et un d\u00e9ni de service peut \u00eatre obtenu \u00e0\n    l\u0027aide de paquets IP fragment\u00e9s volontairement mal form\u00e9s.\n-   CAN-2005-0400 : une mauvaise initialisation lors de la cr\u00e9ation d\u0027un\n    r\u00e9pertoire sous le syst\u00e8me de fichiers ext2 divulgue des donn\u00e9es de\n    l\u0027espace noyau qui peuvent s\u0027av\u00e9rer sensibles.\n-   CAN-2005-0449 : une mauvaise gestion de la file d\u0027attente des\n    paquets fragment\u00e9s permet \u00e0 un utilisateur mal intentionn\u00e9\n    d\u0027effectuer un d\u00e9ni de service moyennant une connaissance des r\u00e8gles\n    de filtrage configur\u00e9es dans netfilter.\n-   CAN-2005-0529 : il est possible de r\u00e9aliser un d\u00e9bordement de tampon\n    dans la pile en acc\u00e9dant au pseudo syst\u00e8me de fichiers proc.\n-   CAN-2005-0530 : il est possible de lire la m\u00e9moire du noyau suite \u00e0\n    une erreur dans le gestionnaire de terminal.\n-   CAN-2005-0749 : un utilisateur local mal intentionn\u00e9 peut tenter\n    d\u0027ex\u00e9cuter un programme, au format standard ELF, volontairement mal\n    form\u00e9 pour provoquer un acc\u00e8s m\u00e9moire ill\u00e9gal et bloquer le noyau.\n-   CAN-2005-0750 : une faille dans la pile du gestionnaire de protocole\n    sans fil Bluetooth peut \u00eatre utilis\u00e9e pour ex\u00e9cuter du code\n    arbitraire avec les privil\u00e8ges (tous) du noyau.\n-   CAN-2005-0815 : un c\u00e9d\u00e9rom avec un syst\u00e8me de fichiers standard\n    ISO-9660 volontairement mal form\u00e9 peut provoquer un d\u00e9ni de service,\n    voire provoquer l\u0027ex\u00e9cution de code arbitraire, lors de son montage.\n-   CAN-2005-1041 : un utilisateur local mal intentionn\u00e9 peut provoquer\n    un d\u00e9ni de service moyennant l\u0027acc\u00e8s au pseudo-fichier\n    `/proc/net/route`.\n-   CAN-2005-1263 : un fichier binaire ELF volontairement mal form\u00e9\n    permet d\u0027ex\u00e9cuter du code arbitraire avec les privil\u00e8ges du noyau\n    lors d\u0027un vidage m\u00e9moire (\u00ab coredump \u00bb souvent autoris\u00e9 pour les\n    utilisateurs courants).\n-   CAN-2005-1264 : l\u0027acc\u00e8s pour un utilisateur local \u00e0 un p\u00e9riph\u00e9rique\n    de type caract\u00e8re en mode brut (\u00ab raw \u00bb) peut \u00eatre utilis\u00e9 pour\n    modifier l\u0027espace du noyau avec le risque d\u0027ex\u00e9cution de code\n    arbitraire.\n-   CAN-2005-1589 : un probl\u00e8me identique existe dans le gestionnaire de\n    type bloc des graveurs de c\u00e9d\u00e9roms et d\u00e9v\u00e9d\u00e9roms.\n\n## Solution\n\nConsulter le bulletin de l\u0027\u00e9diteur pour l\u0027obtention d\u0027un correctif (cf.\nsection Documentation).\n",
  "cves": [
    {
      "name": "CVE-2005-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0209"
    },
    {
      "name": "CVE-2005-0530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0530"
    },
    {
      "name": "CVE-2005-1589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1589"
    },
    {
      "name": "CVE-2005-1041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1041"
    },
    {
      "name": "CVE-2005-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0815"
    },
    {
      "name": "CVE-2005-1264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1264"
    },
    {
      "name": "CVE-2005-0529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0529"
    },
    {
      "name": "CVE-2005-0400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0400"
    },
    {
      "name": "CVE-2005-0449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0449"
    },
    {
      "name": "CVE-2005-0750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0750"
    },
    {
      "name": "CVE-2005-1263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-1263"
    },
    {
      "name": "CVE-2005-0749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0749"
    }
  ],
  "initial_release_date": "2005-05-24T00:00:00",
  "last_revision_date": "2005-06-17T00:00:00",
  "links": [
    {
      "title": "Bulletins de s\u00e9curit\u00e9 SuSE SUSE-SA:2005:018 du 24 mars    2005, SUSE-SA:2005:021 du 04 avril 2005 et SUSE-SA:2005:029 du    09 juin 2005 :",
      "url": "http://www.novell.com/linux/security/advisories/2005_029_kernel.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 SuSE SUSE-SA:2005:018 du 24 mars    2005, SUSE-SA:2005:021 du 04 avril 2005 et SUSE-SA:2005:029 du    09 juin 2005 :",
      "url": "http://www.novell.com/linux/security/advisories/2005_018_kernel.html"
    },
    {
      "title": "versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-472.html"
    },
    {
      "title": "versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-293.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 Red Hat Linux :       versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :             versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :             versions 4, RHSA-2005:366 du 19 avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-293.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 Red Hat Linux :       versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :             versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :             versions 4, RHSA-2005:366 du 19 avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-283.html"
    },
    {
      "title": "versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-284.html"
    },
    {
      "title": "versions 4, RHSA-2005:366 du 19 avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-366.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 SuSE SUSE-SA:2005:018 du 24 mars    2005, SUSE-SA:2005:021 du 04 avril 2005 et SUSE-SA:2005:029 du    09 juin 2005 :",
      "url": "http://www.novell.com/linux/security/advisories/2005_021_kernel.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 Red Hat Linux :       versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :             versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :             versions 4, RHSA-2005:366 du 19 avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-284.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 Red Hat Linux :       versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :             versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :             versions 4, RHSA-2005:366 du 19 avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-472.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2005-120 du 2 juin 2005 :",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-120_RHSA-2005-283_RHSA-2005-284_RHSA-2005-293_RHSA-2005-472.pdf"
    },
    {
      "title": "versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-283.html"
    },
    {
      "title": "Les sources du noyau Linux 2.6.11.10 et post\u00e9rieures    corrigent ces vuln\u00e9rabilit\u00e9s :",
      "url": "http://www.kernel.org"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 Red Hat Linux :       versions 2.1, RHSA-2005:283 et RHSA-2005:284 du 28        avril 2005 :             versions 3, RHSA-2005:293 du 22 avril 2005 et        RHSA-2005:472 du 25 mai 2005 :             versions 4, RHSA-2005:366 du 19 avril 2005 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2005-366.html"
    }
  ],
  "reference": "CERTA-2005-AVI-174",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2005-05-24T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2005:472 ;",
      "revision_date": "2005-05-27T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Novell SUSE-SA:2005:029 ;",
      "revision_date": "2005-06-14T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Avaya ASA-2005-120.",
      "revision_date": "2005-06-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs failles ont \u00e9t\u00e9 identifi\u00e9es dans le code du noyau Linux et\nfont l\u0027objet de correctifs de la part des \u00e9diteurs.\n",
  "title": "Multiples failles des noyaux Linux",
  "vendor_advisories": []
}

gsd-2005-1589

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2005-1589

Aliases

CVE-2005-1589

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-1589",
    "description": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264.",
    "id": "GSD-2005-1589",
    "references": [
      "https://www.suse.com/security/cve/CVE-2005-1589.html",
      "https://packetstormsecurity.com/files/cve/CVE-2005-1589"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-1589"
      ],
      "details": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264.",
      "id": "GSD-2005-1589",
      "modified": "2023-12-13T01:20:12.012341Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-1589",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10",
            "refsource": "CONFIRM",
            "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
          },
          {
            "name": "[linux-kernel] 20050517 [PATCH] Fix root hole in pktcdvd",
            "refsource": "MLIST",
            "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
          },
          {
            "name": "ADV-2005-0557",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/0557"
          },
          {
            "name": "20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
            "refsource": "VULNWATCH",
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
          },
          {
            "name": "13651",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/13651"
          },
          {
            "name": "20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
            "refsource": "VULNWATCH",
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
          },
          {
            "name": "20050517 Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected]",
            "refsource": "VULNWATCH",
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
          },
          {
            "name": "17826",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17826"
          },
          {
            "name": "MDKSA-2005:219",
            "refsource": "MANDRAKE",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:rc4:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.6.12",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1589"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
              "refsource": "VULNWATCH",
              "tags": [
                "Exploit",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
            },
            {
              "name": "20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability",
              "refsource": "VULNWATCH",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
            },
            {
              "name": "20050517 Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected]",
              "refsource": "VULNWATCH",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
            },
            {
              "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
            },
            {
              "name": "13651",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/13651"
            },
            {
              "name": "17826",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17826"
            },
            {
              "name": "ADV-2005-0557",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/0557"
            },
            {
              "name": "[linux-kernel] 20050517 [PATCH] Fix root hole in pktcdvd",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
            },
            {
              "name": "MDKSA-2005:219",
              "refsource": "MANDRAKE",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-02-19T05:08Z",
      "publishedDate": "2005-05-17T04:00Z"
    }
  }
}

ghsa-rgfg-567g-5mrr

Vulnerability from github

Published

2022-05-01 02:00

Modified

2022-05-01 02:00

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-1589"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-05-17T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264.",
  "id": "GHSA-rgfg-567g-5mrr",
  "modified": "2022-05-01T02:00:13Z",
  "published": "2022-05-01T02:00:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1589"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
    },
    {
      "type": "WEB",
      "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17826"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/13651"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/0557"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2005-1589

Vulnerability from fkie_nvd

Published

2005-05-17 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html
cve@mitre.org	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10
cve@mitre.org	http://marc.info/?l=linux-kernel&m=111630531515901&w=2
cve@mitre.org	http://secunia.com/advisories/17826
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
cve@mitre.org	http://www.securityfocus.com/bid/13651
cve@mitre.org	http://www.vupen.com/english/advisories/2005/0557
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html
af854a3a-2127-422b-91ae-364da2661108	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=linux-kernel&m=111630531515901&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17826
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13651
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/0557

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "64C51EA6-1658-4B37-8C49-20F3830FACE8",
              "versionEndIncluding": "2.6.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264."
    }
  ],
  "id": "CVE-2005-1589",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-17T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17826"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/13651"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/0557"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0047.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=linux-kernel\u0026m=111630531515901\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/13651"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/0557"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2005-1589 (GCVE-0-2005-1589)

Vulnerability from cvelistv5

CERTA-2005-AVI-497

Vulnerability from certfr_avis

Description

Solution

CERTA-2005-AVI-174

Vulnerability from certfr_avis

Description

Solution

gsd-2005-1589

Vulnerability from gsd

ghsa-rgfg-567g-5mrr

Vulnerability from github

fkie_cve-2005-1589

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature