CVE-2005-0839

Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	2.6.0 (including)	2.6.0 (including)
Linux_kernel	Linux	2.6.1 (including)	2.6.1 (including)
Linux_kernel	Linux	2.6.1-rc1 (including)	2.6.1-rc1 (including)
Linux_kernel	Linux	2.6.1-rc2 (including)	2.6.1-rc2 (including)
Linux_kernel	Linux	2.6.2 (including)	2.6.2 (including)
Linux_kernel	Linux	2.6.3 (including)	2.6.3 (including)
Linux_kernel	Linux	2.6.4 (including)	2.6.4 (including)
Linux_kernel	Linux	2.6.5 (including)	2.6.5 (including)
Linux_kernel	Linux	2.6.6 (including)	2.6.6 (including)
Linux_kernel	Linux	2.6.7 (including)	2.6.7 (including)
Linux_kernel	Linux	2.6.8 (including)	2.6.8 (including)
Linux_kernel	Linux	2.6.8.1 (including)	2.6.8.1 (including)
Linux_kernel	Linux	2.6.9-2.6.20 (including)	2.6.9-2.6.20 (including)
Linux_kernel	Linux	2.6.10 (including)	2.6.10 (including)
Linux_kernel	Linux	2.6.10-rc2 (including)	2.6.10-rc2 (including)
Red Hat Enterprise Linux 4	RedHat	kernel-0:2.6.9-5.0.5.EL	*
Linux-source-2.6.15	Ubuntu	dapper	*
Linux-source-2.6.17	Ubuntu	edgy	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-0839
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References