CVE-2005-3257 | Vulnerability Database | Aqua Security

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	2.6.12 (including)	2.6.12 (including)
Linux_kernel	Linux	2.6.14.4 (including)	2.6.14.4 (including)
Red Hat Enterprise Linux 4	RedHat	kernel-0:2.6.9-55.EL	*

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334113
http://rhn.redhat.com/errata/RHBA-2007-0304.html
http://secunia.com/advisories/17226
http://secunia.com/advisories/17826
http://secunia.com/advisories/17995
http://secunia.com/advisories/18203
http://secunia.com/advisories/19185
http://secunia.com/advisories/19369
http://secunia.com/advisories/19374
http://www.debian.org/security/2006/dsa-1017
http://www.debian.org/security/2006/dsa-1018
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
http://www.securityfocus.com/bid/15122
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10615
https://usn.ubuntu.com/231-1/
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334113
http://rhn.redhat.com/errata/RHBA-2007-0304.html
http://secunia.com/advisories/17226
http://secunia.com/advisories/17826
http://secunia.com/advisories/17995
http://secunia.com/advisories/18203
http://secunia.com/advisories/19185
http://secunia.com/advisories/19369
http://secunia.com/advisories/19374
http://www.debian.org/security/2006/dsa-1017
http://www.debian.org/security/2006/dsa-1018
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
http://www.securityfocus.com/bid/15122
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10615
https://usn.ubuntu.com/231-1/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3257
CWE	https://cwe.mitre.org/data/definitions/264.html