CVE-2005-1264

Severity

72%

Complexity

39%

Confidentiality

165%

Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Linux Kernel

First reported 19 years ago

2005-05-17 04:00:00

Last updated 6 years ago

2018-10-19 15:31:00

Affected Software

Linux Kernel 2.6.0

2.6.0

Linux Kernel 2.6 test1

2.6.0

Linux Kernel 2.6 test10

2.6.0

Linux Kernel 2.6 test11

2.6.0

Linux Kernel 2.6 test2

2.6.0

Linux Kernel 2.6 test3

2.6.0

Linux Kernel 2.6 test4

2.6.0

Linux Kernel 2.6 test5

2.6.0

Linux Kernel 2.6 test6

2.6.0

Linux Kernel 2.6 test7

2.6.0

Linux Kernel 2.6 test8

2.6.0

Linux Kernel 2.6 test9

2.6.0

Linux Kernel 2.6.1

2.6.1

Linux Kernel 2.6.1 Release Candidate 1

2.6.1

Linux Kernel 2.6.1 Release Candidate 2

2.6.1

Linux Kernel 2.6.2

2.6.2

Linux Kernel 2.6.3

2.6.3

Linux Kernel 2.6.4

2.6.4

Linux Kernel 2.6.5

2.6.5

Linux Kernel 2.6.6

2.6.6

Linux Kernel 2.6.6 Release Candidate 1

2.6.6

Linux Kernel 2.6.7

2.6.7

Linux Kernel 2.6.7 Release Candidate 1

2.6.7

Linux Kernel 2.6.8

2.6.8

Linux Kernel 2.6.8 Release Candidate 1

2.6.8

Linux Kernel 2.6.8 Release Candidate 2

2.6.8

Linux Kernel 2.6.8 Release Candidate 3

2.6.8

References

20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability

Exploit, Patch, Vendor Advisory

20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10

[linux-kernel] 20050517 [PATCH] Fix root hole in raw device

RHSA-2005:420

FLSA:157459-3

13651

ADV-2005-0557

oval:org.mitre.oval:def:10264

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.

CVE-2005-1264

Severity

What is severity?

Complexity

What is complexity?

Confidentiality

What is confidentiality?

Overview

Type

First reported 19 years ago

Last updated 6 years ago

Affected Software

Linux Kernel 2.6.0

Linux Kernel 2.6 test1

Linux Kernel 2.6 test10

Linux Kernel 2.6 test11

Linux Kernel 2.6 test2

Linux Kernel 2.6 test3

Linux Kernel 2.6 test4

Linux Kernel 2.6 test5

Linux Kernel 2.6 test6

Linux Kernel 2.6 test7

Linux Kernel 2.6 test8

Linux Kernel 2.6 test9

Linux Kernel 2.6.1

Linux Kernel 2.6.1 Release Candidate 1

Linux Kernel 2.6.1 Release Candidate 2

Linux Kernel 2.6.2

Linux Kernel 2.6.3

Linux Kernel 2.6.4

Linux Kernel 2.6.5

Linux Kernel 2.6.6

Linux Kernel 2.6.6 Release Candidate 1

Linux Kernel 2.6.7

Linux Kernel 2.6.7 Release Candidate 1

Linux Kernel 2.6.8

Linux Kernel 2.6.8 Release Candidate 1

Linux Kernel 2.6.8 Release Candidate 2

Linux Kernel 2.6.8 Release Candidate 3

References

20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability

20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10

[linux-kernel] 20050517 [PATCH] Fix root hole in raw device

RHSA-2005:420

FLSA:157459-3

13651

ADV-2005-0557

oval:org.mitre.oval:def:10264

Stay updated

Get in touch