CVE-2005-1263

2005-05-1104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1263

elf_core_dump

binfmt_elf.c

linux kernel

buffer overflow

nvd

security advisory

5.7 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.4.18
linux:linux_kernellinux linux kerneleq2.4.15
linux:linux_kernellinux linux kerneleq2.2.10
linux:linux_kernellinux linux kerneleq2.6.11
linux:linux_kernellinux linux kerneleq2.6.12
linux:linux_kernellinux linux kerneleq2.4.0
linux:linux_kernellinux linux kerneleq2.2.21
linux:linux_kernellinux linux kerneleq2.6.5
linux:linux_kernellinux linux kerneleq2.4.11
linux:linux_kernellinux linux kerneleq2.6.1

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.4.18
linux:linux_kernel	linux linux kernel	eq	2.4.15
linux:linux_kernel	linux linux kernel	eq	2.2.10
linux:linux_kernel	linux linux kernel	eq	2.6.11
linux:linux_kernel	linux linux kernel	eq	2.6.12
linux:linux_kernel	linux linux kernel	eq	2.4.0
linux:linux_kernel	linux linux kernel	eq	2.2.21
linux:linux_kernel	linux linux kernel	eq	2.6.5
linux:linux_kernel	linux linux kernel	eq	2.4.11
linux:linux_kernel	linux linux kernel	eq	2.6.1