CVE-2005-4618 — Vulnetix

Try Vulnetix Request Demo

CVE-2005-4618 PUBLISHED CVSS 3.5999999046325684 LOW

Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.

EPSS 0.14% · 33.8th percentile

Risk Scores

CVSS v2.0

3.5999999046325684

EPSS Score

0.14%

33.8th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
linux	linux_kernel	2.6.0, 2.6.0, 2.6.0

Timeline

Dec 31, 2005 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8febdd85adaa41fa1fc1cb31286210fc2cd3ed0c url
MDKSA-2006:040 vendor-advisory
19369 third-party-advisory
DSA-1018 vendor-advisory
16141 vdb
ADV-2006-0035 vdb
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15 url
18216 third-party-advisory
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15 url
DSA-1017 vendor-advisory
USN-244-1 vendor-advisory
18527 third-party-advisory
19374 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2005-4618 advisory
https://usn.ubuntu.com/244-1 url
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8febdd85adaa41fa1fc1cb31286210fc2cd3ed0c url

Open in Interactive Console →