CVE-2005-4783

EPSS 0.08%
Veröffentlicht 31.12.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netbsd ≫ Netbsd Version1.6

Netbsd ≫ Netbsd Version2.0

Netbsd ≫ Netbsd Version2.0.3

Netbsd ≫ Netbsd Version2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.205

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html

http://securitytracker.com/id?1015132

Patch

http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c

Patch

http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h

Patch

http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727

Patch

http://www.osvdb.org/20729

Patch

http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt

Patch

https://nvd.nist.gov/vuln/detail/CVE-2005-4783

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4783

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4783

EUVD