CVE-2005-2492 : The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local us

The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

Published 2005-09-14 19:03:00

Updated 2025-04-03 01:03:51

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2005-2492

Redhat » Enterprise Linux » Version: 4.0
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6 Test9 Cvs
cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test11
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test2
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test9
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test1
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test10
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test7
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test8
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test5
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test6
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test3
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test4
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.9 Update 2.6.20
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.10 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.7
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.8
cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.5
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.6
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.11
cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 4.10
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 5.04
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2005-2492

Top countries where our scanners detected CVE-2005-2492

Top open port discovered on systems with this issue 49153

IPs affected by CVE-2005-2492 11,250

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2005-2492!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2005-2492

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-2492

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
3.6	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:P	3.9	4.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2005-2492

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2005-2492

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166830

Issue Tracking;Patch
http://secunia.com/advisories/17073

About Secunia Research | Flexera
Permissions Required;Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/16747/

Permissions Required;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/usn-178-1

Third Party Advisory

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220

Advisories - Mandriva Linux

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2005-514.html

Support
Not Applicable

CVEs referencing this url
http://www.securityfocus.com/archive/1/427980/100/0/threaded

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11031
https://exchange.xforce.ibmcloud.com/vulnerabilities/22218
http://marc.info/?l=bugtraq&m=112690609622266&w=2

'TSLSA-2005-0049 - multi' - MARC
Mailing List

CVEs referencing this url
http://www.securityfocus.com/bid/14787

Third Party Advisory;VDB Entry
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1

CVEs referencing this url
http://www.securityfocus.com/archive/1/419522/100/0/threaded

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235

Advisories - Mandriva Linux
Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/17918

Permissions Required;Third Party Advisory

CVEs referencing this url