Vulnerability Description
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.14 |
References
- http://linux.bkbits.net:8080/linux-2.6/cset%4043b562ae6hJGLWZA4TNf2k-RzXnVlQ
- http://linux.bkbits.net:8080/linux-2.6/gnupatch%4043b562ae6hJGLWZA4TNf2k-RzXnVlQ
- http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html
- http://marc.info/?l=full-disclosure&m=113535380422339&w=2
- http://secunia.com/advisories/18216
- http://secunia.com/advisories/18351
- http://secunia.com/advisories/18510
- http://secunia.com/advisories/18527
- http://secunia.com/advisories/18788
- http://secunia.com/advisories/19038
- http://secunia.com/advisories/19374
- http://www.debian.org/security/2006/dsa-1017
- http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:040
- http://www.novell.com/linux/security/advisories/2006_06_kernel.html
FAQ
What is CVE-2005-4605?
CVE-2005-4605 is a vulnerability with a CVSS score of 2.1 (LOW). The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigne...
How severe is CVE-2005-4605?
CVE-2005-4605 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4605?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.