CERTVU:604846sendfile() system call may leak sections of kernel memory
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.5%
Overview
The sendfile() system call does not handle specially crafted files properly. Exploitation of this vulnerability may leak sensitive information to a local attacker.
Description
The sendfile() system call is used to send a file through a socket without copying the file data into memory. A vulnerability exists in certain implementations of sendfile() that may allow an attacker to view sensitive kernel memory. If sendfile() is supplied a file that is then truncated during transmission, sendfile() may send sections of kernel memory through the socket. The contents of the leaked memory depends on what programs or files have recently been loaded and/or executed.
Impact
A local attacker may be able to view sections of kernel memory that contain sensitive information. For instance, it may be possible for an attacker can gain access to authentication information, such as passwords and usernames.
Solution
Check with Vendor
Users who suspect they are vulnerable are encouraged to check with their vendor to determine the appropriate action to take. Please see the list of vendors we have notified below.
Vendor Information
604846
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
FreeBSD, Inc. __ Affected
Notified: April 06, 2005 Updated: April 13, 2005
Status
Affected
Vendor Statement
Yes, FreeBSD is affected. This issue was addressed in the FreeBSD Security advisory FreeBSD-SA-05:02.sendfile, which is available from
<ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:02.sendfile.asc>.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Apple Computer, Inc. __ Not Affected
Notified: April 06, 2005 Updated: April 21, 2005
Status
Not Affected
Vendor Statement
Mac OS X and Mac OS X Server are not vulnerable to this issue since sendfile is not supported.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
F5 Networks, Inc. __ Not Affected
Notified: April 06, 2005 Updated: January 10, 2006
Status
Not Affected
Vendor Statement
We have now determined that F5 products are NOT affected by the sendfile vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Microsoft Corporation __ Not Affected
Notified: April 06, 2005 Updated: April 18, 2005
Status
Not Affected
Vendor Statement
We have determine that our implementation of Service for Unix is not vulnerable to the issue as described.
- No version of Services For Unix provides the sendfile() API.
- If a future version of the Subsystem for UNIX Applications were to
provide the sendfile() API, it would be implemented as a wrapper around the Win32 or NT API(s) which perform the same task.
- No element of the Subsystem for UNIX Applications lives in Windows kernel mode.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
OpenBSD __ Not Affected
Notified: April 06, 2005 Updated: April 06, 2005
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Quality __ Not Affected
Updated: April 28, 2005
Status
Not Affected
Vendor Statement
English page is available here:
<http://www.quality.co.jp/e/index.html>
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Red Hat, Inc. __ Not Affected
Notified: April 06, 2005 Updated: August 23, 2005
Status
Not Affected
Vendor Statement
Red Hat Enterprise Linux is not vulnerable to this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
TurboLinux __ Not Affected
Notified: April 06, 2005 Updated: April 28, 2005
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Cray Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Debian Linux __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
EMC Corporation __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Engarde __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Fujitsu __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Hewlett-Packard Company __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Hitachi __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
IBM Corporation __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
IBM eServer __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
IBM zSeries __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Immunix __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Ingrian Networks, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Juniper Networks, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Mandriva, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Mandriva, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
MontaVista Software, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
NEC Corporation __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
NetBSD __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Nokia __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Novell, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
OpenBSD __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Openwall GNU/*/Linux __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Red Hat, Inc. Unknown
Notified: August 23, 2005 Updated: August 24, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
SGI __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
SUSE Linux __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Sequent Computer Systems, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Sony Corporation __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Sun Microsystems, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
The SCO Group (SCO Linux) __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
The SCO Group (SCO Unix) __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Unisys __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
Wind River Systems, Inc. __ Unknown
Notified: April 06, 2005 Updated: April 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23604846 Feedback>).
View all 40 vendors __View less vendors __
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
<ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:02.sendfile.asc>
Acknowledgements
Thanks to Marc Olzheim for reporting this vulnerability.
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | CVE-2005-0708 |
|---|---|
| Severity Metric: | 0.76 Date Public: |
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.5%