What is the severity of CVE-2005-0180?

CVE-2005-0180 is classified as a high severity vulnerability due to its potential for local users to access arbitrary kernel memory.

How do I fix CVE-2005-0180?

To fix CVE-2005-0180, upgrade the Linux kernel to a version that has patched the vulnerability, specifically versions later than the affected 2.6.x series.

Which versions are affected by CVE-2005-0180?

CVE-2005-0180 affects multiple versions of the Linux kernel, particularly versions 2.6.0 to 2.6.12-rc4.

What are the implications of CVE-2005-0180 for local users?

Local users can exploit CVE-2005-0180 to read or modify kernel memory, potentially leading to data leakage or privilege escalation.

Are there known exploits for CVE-2005-0180?

Yes, there are known proof-of-concept exploits for CVE-2005-0180 that demonstrate its potential for exploitation.

Vulnerability/
CVE-2005-0180

low

3.6

CWE

NVD-CWE-Other

6/2/2005

7/8/2024

CVE-2005-0180

First published: Sun Feb 06 2005(Updated: )

Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Linux kernel	=2.6.11-rc3
Linux kernel	=2.6.11
Linux kernel	=2.6.12-rc1
Linux kernel	=2.6.12-rc4
Linux kernel	=2.6.11.2
Linux kernel	=2.6.5
Linux kernel	=2.6.1
Linux kernel	=2.6.11.8
Linux kernel	=2.6.10
Linux kernel	=2.6.11.6
Linux kernel	=2.6.0-test5
Linux kernel	=2.6.3
Linux kernel	=2.6.0-test2
Linux kernel	=2.6.4
Linux kernel	=2.6_test9_cvs
Linux kernel	=2.6.11.5
Linux kernel	=2.6.7-rc1
Linux kernel	=2.6.2
Linux kernel	=2.6.8-rc1
Linux kernel	=2.6.0-test11
Linux kernel	=2.6.1-rc2
Linux kernel	=2.6.11-rc4
Linux kernel	=2.6.8
Linux kernel	=2.6.0-test1
Linux kernel	=2.6.0-test6
Linux kernel	=2.6.10-rc2
Linux kernel	=2.6.0-test4
Linux kernel	=2.6.0
Linux kernel	=2.6.0-test10
Linux kernel	=2.6.0-test9
Linux kernel	=2.6.11.3
Linux kernel	=2.6.7
Linux kernel	=2.6.11-rc2
Linux kernel	=2.6.1-rc1
Linux kernel	=2.6.6-rc1
Linux kernel	=2.6.9-2.6.20
Linux kernel	=2.6.11.7
Linux kernel	=2.6.0-test7
Linux kernel	=2.6.8.1
Linux kernel	=2.6.8-rc2
Linux kernel	=2.6.8-rc3
Linux kernel	=2.6.11.4
Linux kernel	=2.6.0-test8
Linux kernel	=2.6.11.1
Linux kernel	=2.6.6
Linux kernel	=2.6.0-test3

Remedy

http://www.redhat.com/support/errata/RHSA-2005-092.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-0180?
CVE-2005-0180 is classified as a high severity vulnerability due to its potential for local users to access arbitrary kernel memory.
How do I fix CVE-2005-0180?
To fix CVE-2005-0180, upgrade the Linux kernel to a version that has patched the vulnerability, specifically versions later than the affected 2.6.x series.
Which versions are affected by CVE-2005-0180?
CVE-2005-0180 affects multiple versions of the Linux kernel, particularly versions 2.6.0 to 2.6.12-rc4.
What are the implications of CVE-2005-0180 for local users?
Local users can exploit CVE-2005-0180 to read or modify kernel memory, potentially leading to data leakage or privilege escalation.
Are there known exploits for CVE-2005-0180?
Yes, there are known proof-of-concept exploits for CVE-2005-0180 that demonstrate its potential for exploitation.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/remedy
agent/last-modified-date
agent/severity
agent/references
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/linux
canonical/linux kernel
version/linux kernel/2.6.0
version/linux kernel/2.6.0-test1
version/linux kernel/2.6.0-test10
version/linux kernel/2.6.0-test11
version/linux kernel/2.6.0-test2
version/linux kernel/2.6.0-test3
version/linux kernel/2.6.0-test4
version/linux kernel/2.6.0-test5
version/linux kernel/2.6.0-test6
version/linux kernel/2.6.0-test7
version/linux kernel/2.6.0-test8
version/linux kernel/2.6.0-test9
version/linux kernel/2.6.1
version/linux kernel/2.6.1-rc1
version/linux kernel/2.6.1-rc2
version/linux kernel/2.6.2
version/linux kernel/2.6.3
version/linux kernel/2.6.4
version/linux kernel/2.6.5
version/linux kernel/2.6.6
version/linux kernel/2.6.6-rc1
version/linux kernel/2.6.7
version/linux kernel/2.6.7-rc1
version/linux kernel/2.6.8
version/linux kernel/2.6.8-rc1
version/linux kernel/2.6.8-rc2
version/linux kernel/2.6.8-rc3
version/linux kernel/2.6.8.1
version/linux kernel/2.6.9-2.6.20
version/linux kernel/2.6.10
version/linux kernel/2.6.10-rc2
version/linux kernel/2.6.11
version/linux kernel/2.6.11-rc2
version/linux kernel/2.6.11-rc3
version/linux kernel/2.6.11-rc4
version/linux kernel/2.6.11.1
version/linux kernel/2.6.11.2
version/linux kernel/2.6.11.3
version/linux kernel/2.6.11.4
version/linux kernel/2.6.11.5
version/linux kernel/2.6.11.6
version/linux kernel/2.6.11.7
version/linux kernel/2.6.11.8
version/linux kernel/2.6.12-rc1
version/linux kernel/2.6.12-rc4
version/linux kernel/2.6_test9_cvs

Frequently Asked Questions

What is the severity of CVE-2005-0180?
CVE-2005-0180 is classified as a high severity vulnerability due to its potential for local users to access arbitrary kernel memory.
How do I fix CVE-2005-0180?
To fix CVE-2005-0180, upgrade the Linux kernel to a version that has patched the vulnerability, specifically versions later than the affected 2.6.x series.
Which versions are affected by CVE-2005-0180?
CVE-2005-0180 affects multiple versions of the Linux kernel, particularly versions 2.6.0 to 2.6.12-rc4.
What are the implications of CVE-2005-0180 for local users?
Local users can exploit CVE-2005-0180 to read or modify kernel memory, potentially leading to data leakage or privilege escalation.
Are there known exploits for CVE-2005-0180?
Yes, there are known proof-of-concept exploits for CVE-2005-0180 that demonstrate its potential for exploitation.

CVE-2005-0180

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-0180?

How do I fix CVE-2005-0180?

Which versions are affected by CVE-2005-0180?

What are the implications of CVE-2005-0180 for local users?

Are there known exploits for CVE-2005-0180?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2005-0180?

How do I fix CVE-2005-0180?

Which versions are affected by CVE-2005-0180?

What are the implications of CVE-2005-0180 for local users?

Are there known exploits for CVE-2005-0180?