CVE-2005-2709

Severity

46%

Complexity

39%

Confidentiality

106%

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 19 years ago

2005-11-20 22:03:00

Last updated 6 years ago

2018-10-19 15:33:00

Affected Software

Linux Kernel 2.4.1

2.4.1

Linux Kernel 2.4.2

2.4.2

Linux Kernel 2.4.3

2.4.3

Linux Kernel 2.4.4

2.4.4

Linux Kernel 2.4.5

2.4.5

Linux Kernel 2.4.6

2.4.6

Linux Kernel 2.4.7

2.4.7

Linux Kernel 2.4.8

2.4.8

Linux Kernel 2.4.9

2.4.9

Linux Kernel 2.4.10

2.4.10

Linux Kernel 2.4.11

2.4.11

Linux Kernel 2.4.12

2.4.12

Linux Kernel 2.4.13

2.4.13

Linux Kernel 2.4.14

2.4.14

Linux Kernel 2.4.15

2.4.15

Linux Kernel 2.4.16

2.4.16

Linux Kernel 2.4.17

2.4.17

Linux Kernel 2.4.18

2.4.18

Linux Kernel 2.4.19

2.4.19

Linux Kernel 2.4.20

2.4.20

Linux Kernel 2.4.21

2.4.21

Linux Kernel 2.4.22

2.4.22

Linux Kernel 2.4.23

2.4.23

Linux Kernel 2.4.24

2.4.24

Linux Kernel 2.4.25

2.4.25

Linux Kernel 2.4.26

2.4.26

Linux Kernel 2.4.27

2.4.27

Linux Kernel 2.4.28

2.4.28

Linux Kernel 2.4.29

2.4.29

Linux Kernel 2.4.30

2.4.30

Linux Kernel 2.4.30 rc2

2.4.30

Linux Kernel 2.4.30 rc3

2.4.30

Linux Kernel 2.4.31

2.4.31

Linux Kernel 2.4.32

2.4.32

Linux Kernel 2.4.33

2.4.33

Linux Kernel 2.4.33.1

2.4.33.1

Linux Kernel 2.4.33.2

2.4.33.2

Linux Kernel 2.4.33.3

2.4.33.3

Linux Kernel 2.4.33.4

2.4.33.4

Linux Kernel 2.4.33.5

2.4.33.5

Linux Kernel 2.4.34

2.4.34

Linux Kernel 2.4.34.1

2.4.34.1

Linux Kernel 2.4.34.2

2.4.34.2

Linux Kernel 2.4.35.2

2.4.35.2

Linux Kernel 2.6.0

2.6.0

Linux Kernel 2.6.1

2.6.1

Linux Kernel 2.6.10

2.6.10

Linux Kernel 2.6.11

2.6.11

Linux Kernel 2.6.11.1

2.6.11.1

Linux Kernel 2.6.11.2

2.6.11.2

Linux Kernel 2.6.11.3

2.6.11.3

Linux Kernel 2.6.11.4

2.6.11.4

Linux Kernel 2.6.11.5

2.6.11.5

Linux Kernel 2.6.11.6

2.6.11.6

Linux Kernel 2.6.11.7

2.6.11.7

Linux Kernel 2.6.11.8

2.6.11.8

Linux Kernel 2.6.11.9

2.6.11.9

Linux Kernel 2.6.11.10

2.6.11.10

Linux Kernel 2.6.11.11

2.6.11.11

Linux Kernel 2.6.11.12

2.6.11.12

Linux Kernel 2.6.12

2.6.12

Linux Kernel 2.6.12.1

2.6.12.1

Linux Kernel 2.6.12.2

2.6.12.2

Linux Kernel 2.6.12.3

2.6.12.3

Linux Kernel 2.6.12.4

2.6.12.4

Linux Kernel 2.6.12.5

2.6.12.5

Linux Kernel 2.6.12.6

2.6.12.6

Linux Kernel 2.6.13

2.6.13

Linux Kernel 2.6.13.1

2.6.13.1

Linux Kernel 2.6.13.2

2.6.13.2

Linux Kernel 2.6.13.3

2.6.13.3

Linux Kernel 2.6.13.4

2.6.13.4

Linux Kernel 2.6.13.5

2.6.13.5

Linux Kernel

References

17504

Vendor Advisory

17541

Vendor Advisory

17648

Vendor Advisory

18510

Vendor Advisory

18562

Vendor Advisory

18684

Vendor Advisory

19369

Vendor Advisory

19374

Vendor Advisory

1015434

DSA-1017

DSA-1018

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.14.1

MDKSA-2006:059

20676

RHSA-2006:0101

RHSA-2006:0140

RHSA-2006:0190

RHSA-2006:0191

FLSA:157459-3

FLSA:157459-4

FLSA:157459-1

FLSA:157459-2

15365

ADV-2005-2359

Vendor Advisory

kernel-sysctl-interface-dos(23040)

oval:org.mitre.oval:def:10746

USN-219-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.