Published: 21/10/2005 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels prior to 2.6.12, and 2.4 prior to 2.4.29, does not properly verify the ndigis argument for a new route, which allows malicious users to trigger array out-of-bounds errors with a large number of digipeats.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.11
linux linux kernel 2.6.4
linux linux kernel 2.4.18
linux linux kernel 2.4.15
linux linux kernel 2.4.0
linux linux kernel 2.6.11.2
linux linux kernel 2.6.5
linux linux kernel 2.4.11
linux linux kernel 2.6.11.10
linux linux kernel 2.6.10
linux linux kernel 2.6.1
linux linux kernel 2.4.27
linux linux kernel 2.6.7
linux linux kernel 2.6.3
linux linux kernel 2.6.11.8
linux linux kernel 2.4.26
linux linux kernel 2.4.19
linux linux kernel 2.4.21
linux linux kernel 2.4.12
linux linux kernel 2.4.13
linux linux kernel 2.6.11.6
linux linux kernel 2.6.11.11
linux linux kernel 2.6.9
linux linux kernel 2.4.17
linux linux kernel 2.6.11.5
linux linux kernel 2.4.23_ow2
linux linux kernel 2.6.8
linux linux kernel 2.4.23
linux linux kernel 2.4.29
linux linux kernel 2.6.2
linux linux kernel 2.6.6
linux linux kernel 2.4.7
linux linux kernel 2.4.25
linux linux kernel 2.4.24
linux linux kernel 2.4.9
linux linux kernel 2.6.11.9
linux linux kernel 2.4.28
linux linux kernel 2.6.0
linux linux kernel 2.4.24_ow1
linux linux kernel 2.4.10
linux linux kernel 2.4.2
linux linux kernel 2.4.16
linux linux kernel 2.4.8
linux linux kernel 2.4.14
linux linux kernel 2.6.11.3
linux linux kernel 2.4.22
linux linux kernel 2.4.5
linux linux kernel 2.4.3
linux linux kernel 2.6.11.7
linux linux kernel 2.4.1
linux linux kernel 2.4.4
linux linux kernel 2.4.6
linux linux kernel 2.6.8.1
linux linux kernel 2.6.11.4
linux linux kernel 2.4.20
linux linux kernel 2.6.11.12
linux linux kernel 2.6.11.1

Synopsis Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6 Type/Severity Security Advisory: Important Topic Updated kernel packages are now available as part of ongoing support andmaintenance of Red Hat Enterprise Linux version 3 This is the sixthregular updateThis security adviso ...

The problem can be corrected by updating your system to the following package versions: ...

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-2302 A race condition in the sysfs filesystem allows local users to read kernel memory and ca ...

CWE-264 http://lkml.org/lkml/2005/5/23/169 http://securitytracker.com/id?1014115 http://www.debian.org/security/2005/dsa-922 http://www.securityfocus.com/bid/13886 http://secunia.com/advisories/18056 http://secunia.com/advisories/17826 http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.redhat.com/support/errata/RHSA-2006-0579.html http://www.redhat.com/support/errata/RHSA-2006-0580.html http://secunia.com/advisories/21035 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9552 https://usn.ubuntu.com/219-1/http://www.securityfocus.com/archive/1/428028/100/0/threaded http://linux.bkbits.net:8080/linux-2.6/cset%40423114bcdthRtmtdS6MsZiBVvteGCg http://linux.bkbits.net:8080/linux-2.4/cset%4041e2cf515TpixcVQ8q8HvQvCv9E6zA https://access.redhat.com/errata/RHSA-2005:663 https://usn.ubuntu.com/219-1/https://nvd.nist.gov

CVE-2005-3273

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect