CVE-2005-4618 : Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local use

Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.

Published 2005-12-31 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Products affected by CVE-2005-4618

Linux » Linux Kernel » Version: 2.6.1 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6 Test9 Cvs
cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test11
cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test2
cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test9
cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test1
cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test10
cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test7
cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test8
cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test5
cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test6
cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test3
cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0 Update Test4
cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.9 Update 2.6.20
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.10 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.7
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.8
cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.5
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.6
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.11
cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.4
cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.3
cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.3
cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.2
cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.5
cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.4
cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.2
cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.1
cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.1
cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.12
cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13
cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.6
cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13 Update RC6
cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13 Update RC7
cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12 Update RC5
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.4
cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.2
cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.5
cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.3
cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.1
cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14
cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15
cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2005-4618

Top countries where our scanners detected CVE-2005-4618

Top open port discovered on systems with this issue 49153

IPs affected by CVE-2005-4618 11,863

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2005-4618!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2005-4618

EPSS FAQ

0.14%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 31 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-4618

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
3.6	LOW	AV:L/AC:L/Au:N/C:N/I:P/A:P	3.9	4.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-4618

http://www.debian.org/security/2006/dsa-1018

[SECURITY] [DSA 1018-1] New Linux kernel 2.4.27 packages fix several vulnerabilities
Patch;Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/16141

Patch
https://usn.ubuntu.com/244-1/

CVEs referencing this url
http://www.debian.org/security/2006/dsa-1017

[SECURITY] [DSA 1017-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
Patch;Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/18216

Patch;Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/19374

About Secunia Research | Flexera
Patch;Vendor Advisory

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2006:040

CVEs referencing this url
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8febdd85adaa41fa1fc1cb31286210fc2cd3ed0c
http://secunia.com/advisories/19369

About Secunia Research | Flexera
Patch;Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/18527

Patch;Vendor Advisory

CVEs referencing this url
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15

CVEs referencing this url
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8febdd85adaa41fa1fc1cb31286210fc2cd3ed0c
http://www.vupen.com/english/advisories/2006/0035

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2005-4618

Products affected by CVE-2005-4618

Threat overview for CVE-2005-4618

Exploit prediction scoring system (EPSS) score for CVE-2005-4618

CVSS scores for CVE-2005-4618

References for CVE-2005-4618