CVE-2005-1263 — Vulnetix

Try Vulnetix Request Demo

CVE-2005-1263 PUBLISHED CVSS 7.199999809265137 HIGH

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow.

EPSS 0.06% · 18.2th percentile

Risk Scores

CVSS v2.0

7.199999809265137

EPSS Score

0.06%

18.2th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	2.6_test9_cvs, 2.2.0, 2.2.1
n/a	n/a	n/a

Timeline

May 11, 2005 CVE Published
Jun 17, 2005 CVE Updated
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

oval:org.mitre.oval:def:1122 vdb
ADV-2005-0524 vdb
http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt url
19185 third-party-advisory
19607 third-party-advisory
FLSA:157459-2 vendor-advisory
RHSA-2005:472 vendor-advisory
oval:org.mitre.oval:def:10909 vdb
13589 vdb
20050511 Linux kernel ELF core dump privilege elevation mailing-list
FLSA:157459-1 vendor-advisory
RHSA-2005:551 vendor-advisory
20060402-01-U vendor-advisory
RHSA-2005:529 vendor-advisory
FLSA:157459-3 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2005-1263 advisory

Open in Interactive Console →