CVE-2005-0124

Current Description

The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow.

Basic Data

PublishedApril 14, 2005
Last ModifiedOctober 19, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel2.4.0*******
    2.3OSLinuxLinux Kernel2.4.0test1******
    2.3OSLinuxLinux Kernel2.4.0test10******
    2.3OSLinuxLinux Kernel2.4.0test11******
    2.3OSLinuxLinux Kernel2.4.0test12******
    2.3OSLinuxLinux Kernel2.4.0test2******
    2.3OSLinuxLinux Kernel2.4.0test3******
    2.3OSLinuxLinux Kernel2.4.0test4******
    2.3OSLinuxLinux Kernel2.4.0test5******
    2.3OSLinuxLinux Kernel2.4.0test6******
    2.3OSLinuxLinux Kernel2.4.0test7******
    2.3OSLinuxLinux Kernel2.4.0test8******
    2.3OSLinuxLinux Kernel2.4.0test9******
    2.3OSLinuxLinux Kernel2.4.1*******
    2.3OSLinuxLinux Kernel2.4.2*******
    2.3OSLinuxLinux Kernel2.4.3*******
    2.3OSLinuxLinux Kernel2.4.3pre3******
    2.3OSLinuxLinux Kernel2.4.4*******
    2.3OSLinuxLinux Kernel2.4.5*******
    2.3OSLinuxLinux Kernel2.4.6*******
    2.3OSLinuxLinux Kernel2.4.7*******
    2.3OSLinuxLinux Kernel2.4.8*******
    2.3OSLinuxLinux Kernel2.4.9*******
    2.3OSLinuxLinux Kernel2.4.10*******
    2.3OSLinuxLinux Kernel2.4.11*******
    2.3OSLinuxLinux Kernel2.4.12*******
    2.3OSLinuxLinux Kernel2.4.13*******
    2.3OSLinuxLinux Kernel2.4.14*******
    2.3OSLinuxLinux Kernel2.4.15*******
    2.3OSLinuxLinux Kernel2.4.16*******
    2.3OSLinuxLinux Kernel2.4.17*******
    2.3OSLinuxLinux Kernel2.4.18*******
    2.3OSLinuxLinux Kernel2.4.18*x86*****
    2.3OSLinuxLinux Kernel2.4.18pre1******
    2.3OSLinuxLinux Kernel2.4.18pre2******
    2.3OSLinuxLinux Kernel2.4.18pre3******
    2.3OSLinuxLinux Kernel2.4.18pre4******
    2.3OSLinuxLinux Kernel2.4.18pre5******
    2.3OSLinuxLinux Kernel2.4.18pre6******
    2.3OSLinuxLinux Kernel2.4.18pre7******
    2.3OSLinuxLinux Kernel2.4.18pre8******
    2.3OSLinuxLinux Kernel2.4.19*******
    2.3OSLinuxLinux Kernel2.4.19pre1******
    2.3OSLinuxLinux Kernel2.4.19pre2******
    2.3OSLinuxLinux Kernel2.4.19pre3******
    2.3OSLinuxLinux Kernel2.4.19pre4******
    2.3OSLinuxLinux Kernel2.4.19pre5******
    2.3OSLinuxLinux Kernel2.4.19pre6******
    2.3OSLinuxLinux Kernel2.4.20*******
    2.3OSLinuxLinux Kernel2.4.21*******
    2.3OSLinuxLinux Kernel2.4.21pre1******
    2.3OSLinuxLinux Kernel2.4.21pre4******
    2.3OSLinuxLinux Kernel2.4.21pre7******
    2.3OSLinuxLinux Kernel2.4.22*******
    2.3OSLinuxLinux Kernel2.4.22pre10******
    2.3OSLinuxLinux Kernel2.4.23*******
    2.3OSLinuxLinux Kernel2.4.23pre9******
    2.3OSLinuxLinux Kernel2.4.23_ow2*******
    2.3OSLinuxLinux Kernel2.4.24*******
    2.3OSLinuxLinux Kernel2.4.24_ow1*******
    2.3OSLinuxLinux Kernel2.4.25*******
    2.3OSLinuxLinux Kernel2.4.26*******
    2.3OSLinuxLinux Kernel2.4.27*******
    2.3OSLinuxLinux Kernel2.4.27pre1******
    2.3OSLinuxLinux Kernel2.4.27pre2******
    2.3OSLinuxLinux Kernel2.4.27pre3******
    2.3OSLinuxLinux Kernel2.4.27pre4******
    2.3OSLinuxLinux Kernel2.4.27pre5******
    2.3OSLinuxLinux Kernel2.4.28*******
    2.3OSLinuxLinux Kernel2.4.29*******
    2.3OSLinuxLinux Kernel2.4.29rc1******
    2.3OSLinuxLinux Kernel2.4.29rc2******
    2.3OSLinuxLinux Kernel2.6.92.6.20******

Vulnerable Software List

VendorProductVersions
Linux Linux Kernel 2.4.0, 2.4.1, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.2, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.23_ow2, 2.4.24, 2.4.24_ow1, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.29, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.6.9

References

NameSourceURLTags
[linux-kernel] 20041216 [Coverity] Untrusted user data in kernelhttp://seclists.org/lists/linux-kernel/2004/Dec/3914.htmlMLIST
[linux-kernel] 20050105 Re: [Coverity] Untrusted user data in kernelhttp://seclists.org/lists/linux-kernel/2005/Jan/1089.htmlMLIST
[linux-kernel] 20050107 [PATCH 2.4.29-pre3-bk4] fs/coda Re: [Coverity] Untrusted user data in kernelhttp://seclists.org/lists/linux-kernel/2005/Jan/2018.htmlMLISTVendor Advisory
[linux-kernel] 20050107 [PATCH 2.6.10-mm2] fs/coda Re: [Coverity] Untrusted user data in kernelhttp://seclists.org/lists/linux-kernel/2005/Jan/2020.htmlMLIST
17002http://secunia.com/advisories/17002SECUNIA
18684http://secunia.com/advisories/18684SECUNIA
19374http://secunia.com/advisories/19374SECUNIA
20163http://secunia.com/advisories/20163SECUNIA
20202http://secunia.com/advisories/20202SECUNIA
20338http://secunia.com/advisories/20338SECUNIA
1013018http://securitytracker.com/id?1013018SECTRACK
DSA-1017http://www.debian.org/security/2006/dsa-1017DEBIAN
DSA-1067http://www.debian.org/security/2006/dsa-1067DEBIAN
DSA-1069http://www.debian.org/security/2006/dsa-1069DEBIAN
DSA-1070http://www.debian.org/security/2006/dsa-1070DEBIAN
DSA-1082http://www.debian.org/security/2006/dsa-1082DEBIAN
RHSA-2005:663http://www.redhat.com/support/errata/RHSA-2005-663.htmlREDHAT
RHSA-2006:0191http://www.redhat.com/support/errata/RHSA-2006-0191.htmlREDHAT
FLSA:157459-1http://www.securityfocus.com/archive/1/428028/100/0/threadedFEDORA
14967http://www.securityfocus.com/bid/14967BID
ADV-2005-1878http://www.vupen.com/english/advisories/2005/1878VUPEN
oval:org.mitre.oval:def:11690https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11690OVAL