CVE-2005-0529

Severity

21%

Complexity

39%

Confidentiality

48%

Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.

Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N).

Overview

First reported 19 years ago

2005-05-02 04:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

Linux Kernel 2.6.10

2.6.10

References

CLA-2005:930

http://linux.bkbits.net:8080/linux-2.6/cset@4201818eC6aMn0x3GY_9rw3ueb2ZWQ

20050315 [USN-95-1] Linux kernel vulnerabilities

20050215 linux kernel 2.6 fun. windoze is a joke

http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html

Exploit, Patch

SUSE-SA:2005:018

RHSA-2005:366

oval:org.mitre.oval:def:8994

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.