Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-1589
HistoryMay 17, 2005 - 12:00 a.m.

CVE-2005-1589

2005-05-1700:00:00
ubuntu.com
ubuntu.com
20

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.001

Percentile

42.6%

The pkt_ioctl function in the pktcdvd block device ioctl handler
(pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function
before passing an ioctl to the block device, which crosses security
boundaries by making kernel address space accessible from user space and
allows local users to cause a denial of service and possibly execute
arbitrary code, a similar vulnerability to CVE-2005-1264.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.001

Percentile

42.6%