CVE-2005-4618

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

31/12/2005

Last modified:

03/04/2025

Description

Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.

Impact

Vector 2.0

AV:L/AC:L/Au:N/C:N/I:P/A:P CVSS v2.0 Severity and Metrics:

Base Score: 3.60 LOW
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P

Attack Vector (AV): Local
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): None
Integrity (I): Physical
Availability (A): Physical

Base Score 2.0

3.60

Severity 2.0

LOW

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.0:test1::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test10::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test11::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test2::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test3::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test4::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test5::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test6::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test7::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test8::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test9::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.0:test1::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test10::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test11::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test2::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test3::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test4::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test5::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test6::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test7::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test8::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test9::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::

CVE-2005-4618

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools