Linux Kernel sysfs File Write Overflow

2005-03-24T19:06:41
ID OSVDB:15488
Type osvdb
Reporter Alexander Nyberg()
Modified 2005-03-24T19:06:41

Description

Vulnerability Description

A local overflow exists in Linux Kernel. The "sysfs_write_file" function fails to validate the integer. By overwriting kernel memory by writing to a sysfs file, an attacker may cause a denial of service or run arbitrary commands with root privileges.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A local overflow exists in Linux Kernel. The "sysfs_write_file" function fails to validate the integer. By overwriting kernel memory by writing to a sysfs file, an attacker may cause a denial of service or run arbitrary commands with root privileges.

References:

Vendor URL: http://kernel.org/ Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:15019 Related OSVDB ID: 15490 Related OSVDB ID: 15489 Other Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-366.html CVE-2005-0867