CVE-2005-4605
published 2005-12-31CVE-2005-4605: The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in…
PriorityP411low2.1CVSS 2.0
AVLACLAuNCPINAN
EXPLOIT
EPSS
1.05%
59.9th percentile
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat2.1LOW
vendor_ubuntu2.1LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8c8m-j65f-9vjw: The procfs code (proc_misc
ghsa_unreviewed·2022-05-01
CVE-2005-4605 [LOW] GHSA-8c8m-j65f-9vjw: The procfs code (proc_misc
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2006-01-18·CVSS 2.1
CVE-2006-0095 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Linux kernel vulnerabilities
Doug Chapman discovered a flaw in the reference counting in the
sys_mq_open() function. By calling this function in a special way, a
local attacker could exploit this to cause a kernel crash.
(CVE-2005-3356)
Karl Janmar discovered that the /proc file system module used signed
data types in a wrong way. A local attacker could exploit this to read
random kernel memory, which could possibly contain sensitive data like
passwords or private keys. (CVE-2005-4605)
Yi Yang discovered an off-by-one buffer overflow in the sysctl()
system call. By calling sysctl with a specially crafted long string, a
local attacker could exploit this to crash the kernel or possibly even
execute arbitrary code with full kernel privileges. (
Red Hat
security flaw
vendor_redhat·2005-12-23·CVSS 2.1
CVE-2005-4605 [LOW] security flaw
security flaw
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
No detection rules found.
Bugzilla
CVE-2005-4605 security flaw
bugzilla·2018-08-16·CVSS 2.1
CVE-2005-4605 [LOW] CVE-2005-4605 security flaw
CVE-2005-4605 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
Bugzilla
CVE-2005-4605 Kernel memory disclosure
bugzilla·2006-01-03·CVSS 2.1
CVE-2005-4605 [LOW] CVE-2005-4605 Kernel memory disclosure
CVE-2005-4605 Kernel memory disclosure
Reported to full-disclosure was a flaw said to allow kernel memory to be
disclosed to untrusted local users. This was verified by Solar Designer and a
patch for the issue committed by Linus.
Original report:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113535380422339
Fix:
http://linux.bkbits.net:8080/linux-2.6/cset@43b562ae6hJGLWZA4TNf2k-RzXnVlQ
Discussion:
Is BK still going?
The canonical location would now be in git:
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=8b90db0df7187a01fb7177f1f812123138f562cf
---
yeah, we track all the outstanding issues by bk id at the moment (one form so
that we can easily spot dupes). We need to go through and convert them all to
git ids at some point.
---
An advisor
Bugzilla
CVE-2005-4605 Kernel memory disclosure
bugzilla·2006-01-03·CVSS 2.1
CVE-2005-4605 [LOW] CVE-2005-4605 Kernel memory disclosure
CVE-2005-4605 Kernel memory disclosure
+++ This bug was initially created as a clone of Bug #176812 +++
Reported to full-disclosure was a flaw said to allow kernel memory to be
disclosed to untrusted local users. This was verified by Solar Designer and a
patch for the issue committed by Linus.
Original report:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113535380422339
Fix:
http://linux.bkbits.net:8080/linux-2.6/cset@43b562ae6hJGLWZA4TNf2k-RzXnVlQ
(See cloned bug for non-public reproducer)
Bugzilla
CVE-2005-4605 Kernel memory disclosure
bugzilla·2006-01-03·CVSS 2.1
CVE-2005-4605 [LOW] CVE-2005-4605 Kernel memory disclosure
CVE-2005-4605 Kernel memory disclosure
+++ This bug was initially created as a clone of Bug #176812 +++
Reported to full-disclosure was a flaw said to allow kernel memory to be
disclosed to untrusted local users. This was verified by Solar Designer and a
patch for the issue committed by Linus.
Original report:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113535380422339
Fix:
http://linux.bkbits.net:8080/linux-2.6/cset@43b562ae6hJGLWZA4TNf2k-RzXnVlQ
(See cloned bug for non-public reproducer)
Discussion:
fixed in cvs, will go out in the next fc4 update.
---
This is a mass-update to all currently open kernel bugs.
A new kernel update has been released (Version: 2.6.15-1.1830_FC4)
based upon a new upstream kernel release.
Please retest against this new kernel, as a large number
Bugzilla
Multiple Kernel vulnerabilities
bugzilla·2005-05-11
[MEDIUM] Multiple Kernel vulnerabilities
Multiple Kernel vulnerabilities
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Mozilla rulez!)
Description of problem:
Paul Starzetz of iSEC has found yet another bug in binfmt_elf.c. It can be abused to crash the kernel, perhaps even to break into the kernel land. See the advisory for details.
Version-Release number of selected component (if applicable):
How reproducible:
Didn't try
Steps to Reproduce:
Additional info:
I've got a quick and dirty patch. I'll submit it ASAP.
Discussion:
Grr...Bugzilla assigned the bug to [email protected] rather than to
[email protected]
---
Created attachment 114264
The patch for CAN-2005-1263
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch can be applied to FL kernel 2.4.20-43:
402e548b02382c015d6f5e5704370a1ba546598b
li
http://linux.bkbits.net:8080/linux-2.6/cset%4043b562ae6hJGLWZA4TNf2k-RzXnVlQhttp://linux.bkbits.net:8080/linux-2.6/gnupatch%4043b562ae6hJGLWZA4TNf2k-RzXnVlQhttp://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.htmlhttp://marc.info/?l=full-disclosure&m=113535380422339&w=2http://secunia.com/advisories/18216http://secunia.com/advisories/18351http://secunia.com/advisories/18510http://secunia.com/advisories/18527http://secunia.com/advisories/18788http://secunia.com/advisories/19038http://secunia.com/advisories/19374http://www.debian.org/security/2006/dsa-1017http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8b90db0df7187a01fb7177f1f812123138f562cfhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:040http://www.novell.com/linux/security/advisories/2006_06_kernel.htmlhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00014.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0101.htmlhttp://www.securityfocus.com/archive/1/427981/100/0/threadedhttp://www.securityfocus.com/bid/16284https://exchange.xforce.ibmcloud.com/vulnerabilities/23811https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11747https://usn.ubuntu.com/244-1/http://linux.bkbits.net:8080/linux-2.6/cset%4043b562ae6hJGLWZA4TNf2k-RzXnVlQhttp://linux.bkbits.net:8080/linux-2.6/gnupatch%4043b562ae6hJGLWZA4TNf2k-RzXnVlQhttp://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.htmlhttp://marc.info/?l=full-disclosure&m=113535380422339&w=2http://secunia.com/advisories/18216http://secunia.com/advisories/18351http://secunia.com/advisories/18510http://secunia.com/advisories/18527http://secunia.com/advisories/18788http://secunia.com/advisories/19038http://secunia.com/advisories/19374http://www.debian.org/security/2006/dsa-1017http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8b90db0df7187a01fb7177f1f812123138f562cfhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:040http://www.novell.com/linux/security/advisories/2006_06_kernel.htmlhttp://www.redhat.com/archives/fedora-announce-list/2006-January/msg00014.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0101.htmlhttp://www.securityfocus.com/archive/1/427981/100/0/threadedhttp://www.securityfocus.com/bid/16284https://exchange.xforce.ibmcloud.com/vulnerabilities/23811https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11747https://usn.ubuntu.com/244-1/
2005-12-31
Published