CVE Vulnerabilities

CVE-2005-3257

Published: Oct 18, 2005 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.6.12 (including) 2.6.12 (including)
Linux_kernel Linux 2.6.14.4 (including) 2.6.14.4 (including)
Red Hat Enterprise Linux 4 RedHat kernel-0:2.6.9-55.EL *

References