CVE-2005-1264 : Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function

Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.

Published 2005-05-17 04:00:00

Updated 2025-04-03 01:03:51

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2005-1264

Linux » Linux Kernel » Version: 2.6.1 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6 Test9 Cvs
cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test11
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test2
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test9
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test1
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test10
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test7
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test8
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test5
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test6
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test3
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test4
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.9 Update 2.6.20
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2005-1264

Top countries where our scanners detected CVE-2005-1264

Top open port discovered on systems with this issue 49153

IPs affected by CVE-2005-1264 11,248

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2005-1264!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2005-1264

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-1264

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2005-1264

Jump to

Vulnerability Details : CVE-2005-1264

Products affected by CVE-2005-1264

Threat overview for CVE-2005-1264

Exploit prediction scoring system (EPSS) score for CVE-2005-1264

CVSS scores for CVE-2005-1264

References for CVE-2005-1264