CVE-2005-4886
First published: Sun Apr 24 2005(Updated: )
Escalated to Bugzilla from IssueTracker [SELINUX]: Fix ipv6_skip_exthdr() invocation causing OOPS. author Herbert Xu <herbert.org.au> Mon, 25 Apr 2005 03:16:19 +0000 (20:16 -0700) committer David S. Miller <davem> Mon, 25 Apr 2005 03:16:19 +0000 (20:16 -0700) The SELinux hooks invoke ipv6_skip_exthdr() with an incorrect length final argument. However, the length argument turns out to be superfluous. I was just reading ipv6_skip_exthdr and it occured to me that we can get rid of len altogether. The only place where len is used is to check whether the skb has two bytes for ipv6_opt_hdr. This check is done by skb_header_pointer/skb_copy_bits anyway. Now it might appear that we've made the code slower by deferring the check to skb_copy_bits. However, this check should not trigger in the common case so this is OK.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/RHSA-2005 | <514 | 514 |
| Linux kernel | =2.6.4-rc3 | |
| Linux kernel | =2.6.11 | |
| Linux kernel | =2.6.12-rc1 | |
| Linux kernel | =2.6.4-rc1 | |
| Linux kernel | =2.6.11.2 | |
| Linux kernel | =2.6.5 | |
| Linux kernel | =2.6.11.10 | |
| Linux kernel | =2.6.10-rc3 | |
| Linux kernel | =2.6.1 | |
| Linux kernel | =2.6.7-rc3 | |
| Linux kernel | =2.6.3-rc2 | |
| Linux kernel | =2.6.11.8 | |
| Linux kernel | =2.6.10 | |
| Linux kernel | =2.6.11.6 | |
| Linux kernel | =2.6.11.11 | |
| Linux kernel | =2.6.0-test5 | |
| Linux kernel | =2.6.3 | |
| Linux kernel | =2.6.0-test2 | |
| Linux kernel | =2.6.9-rc1 | |
| Linux kernel | =2.6.4 | |
| Linux kernel | =2.6.11.5 | |
| Linux kernel | =2.6.7-rc1 | |
| Linux kernel | =2.6.9-rc3 | |
| Linux kernel | <=2.6.12 | |
| Linux kernel | =2.6.2 | |
| Linux kernel | =2.6.6-rc3 | |
| Linux kernel | =2.6.1-rc3 | |
| Linux kernel | =2.6.0-test11 | |
| Linux kernel | =2.6.2-rc3 | |
| Linux kernel | =2.6.4-rc2 | |
| Linux kernel | =2.6.12-rc2 | |
| Linux kernel | =2.6.1-rc2 | |
| Linux kernel | =2.6.8 | |
| Linux kernel | =2.6.3-rc3 | |
| Linux kernel | =2.6.0-test1 | |
| Linux kernel | =2.6.7-rc2 | |
| Linux kernel | =2.6.0-test6 | |
| Linux kernel | =2.6.11.9 | |
| Linux kernel | =2.6.10-rc2 | |
| Linux kernel | =2.6.0-test4 | |
| Linux kernel | =2.6.2-rc1 | |
| Linux kernel | =2.6.0 | |
| Linux kernel | =2.6.5-rc1 | |
| Linux kernel | =2.6.6-rc2 | |
| Linux kernel | =2.6.9-rc2 | |
| Linux kernel | =2.6.0-test10 | |
| Linux kernel | =2.6.0-test9 | |
| Linux kernel | =2.6.10-rc1 | |
| Linux kernel | =2.6.11.3 | |
| Linux kernel | =2.6.9-rc4 | |
| Linux kernel | =2.6.7 | |
| Linux kernel | =2.6.3-rc4 | |
| Linux kernel | =2.6.1-rc1 | |
| Linux kernel | =2.6.6-rc1 | |
| Linux kernel | =2.6.11.7 | |
| Linux kernel | =2.6.5-rc2 | |
| Linux kernel | =2.6.0-test7 | |
| Linux kernel | =2.6.5-rc3 | |
| Linux kernel | =2.6.2-rc2 | |
| Linux kernel | =2.6.8.1 | |
| Linux kernel | =2.6.3-rc1 | |
| Linux kernel | =2.6.11.4 | |
| Linux kernel | =2.6.11.12 | |
| Linux kernel | =2.6.0-test8 | |
| Linux kernel | =2.6.11.1 | |
| Linux kernel | =2.6.9 | |
| Linux kernel | =2.6.6 | |
| Linux kernel | =2.6.0-test3 | |
| Linux Kernel | <=2.6.12 | |
| Linux Kernel | =2.6.0 | |
| Linux Kernel | =2.6.0-test1 | |
| Linux Kernel | =2.6.0-test10 | |
| Linux Kernel | =2.6.0-test11 | |
| Linux Kernel | =2.6.0-test2 | |
| Linux Kernel | =2.6.0-test3 | |
| Linux Kernel | =2.6.0-test4 | |
| Linux Kernel | =2.6.0-test5 | |
| Linux Kernel | =2.6.0-test6 | |
| Linux Kernel | =2.6.0-test7 | |
| Linux Kernel | =2.6.0-test8 | |
| Linux Kernel | =2.6.0-test9 | |
| Linux Kernel | =2.6.1 | |
| Linux Kernel | =2.6.1-rc1 | |
| Linux Kernel | =2.6.1-rc2 | |
| Linux Kernel | =2.6.1-rc3 | |
| Linux Kernel | =2.6.2 | |
| Linux Kernel | =2.6.2-rc1 | |
| Linux Kernel | =2.6.2-rc2 | |
| Linux Kernel | =2.6.2-rc3 | |
| Linux Kernel | =2.6.3 | |
| Linux Kernel | =2.6.3-rc1 | |
| Linux Kernel | =2.6.3-rc2 | |
| Linux Kernel | =2.6.3-rc3 | |
| Linux Kernel | =2.6.3-rc4 | |
| Linux Kernel | =2.6.4 | |
| Linux Kernel | =2.6.4-rc1 | |
| Linux Kernel | =2.6.4-rc2 | |
| Linux Kernel | =2.6.4-rc3 | |
| Linux Kernel | =2.6.5 | |
| Linux Kernel | =2.6.5-rc1 | |
| Linux Kernel | =2.6.5-rc2 | |
| Linux Kernel | =2.6.5-rc3 | |
| Linux Kernel | =2.6.6 | |
| Linux Kernel | =2.6.6-rc1 | |
| Linux Kernel | =2.6.6-rc2 | |
| Linux Kernel | =2.6.6-rc3 | |
| Linux Kernel | =2.6.7 | |
| Linux Kernel | =2.6.7-rc1 | |
| Linux Kernel | =2.6.7-rc2 | |
| Linux Kernel | =2.6.7-rc3 | |
| Linux Kernel | =2.6.8 | |
| Linux Kernel | =2.6.8.1 | |
| Linux Kernel | =2.6.9 | |
| Linux Kernel | =2.6.9-rc1 | |
| Linux Kernel | =2.6.9-rc2 | |
| Linux Kernel | =2.6.9-rc3 | |
| Linux Kernel | =2.6.9-rc4 | |
| Linux Kernel | =2.6.10 | |
| Linux Kernel | =2.6.10-rc1 | |
| Linux Kernel | =2.6.10-rc2 | |
| Linux Kernel | =2.6.10-rc3 | |
| Linux Kernel | =2.6.11 | |
| Linux Kernel | =2.6.11.1 | |
| Linux Kernel | =2.6.11.2 | |
| Linux Kernel | =2.6.11.3 | |
| Linux Kernel | =2.6.11.4 | |
| Linux Kernel | =2.6.11.5 | |
| Linux Kernel | =2.6.11.6 | |
| Linux Kernel | =2.6.11.7 | |
| Linux Kernel | =2.6.11.8 | |
| Linux Kernel | =2.6.11.9 | |
| Linux Kernel | =2.6.11.10 | |
| Linux Kernel | =2.6.11.11 | |
| Linux Kernel | =2.6.11.12 | |
| Linux Kernel | =2.6.12-rc1 | |
| Linux Kernel | =2.6.12-rc2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0d3d077cd4f1154e63a9858e47fe3fb1ad0c03e5
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.12/ChangeLog-2.6.12-rc4
- http://www.openwall.com/lists/oss-security/2010/02/22/3
- https://bugzilla.redhat.com/show_bug.cgi?id=160117
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56614
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0d3d077cd4f1154e63a9858e47fe3fb1ad0c03e5
- http://rhn.redhat.com/errata/RHSA-2005-514.html
- http://git.kernel.org/linus/0d3d077cd4f1154e63a9858e47fe3fb1ad0c03e5
- http://git.kernel.org/linus/0d3d077cd4f11
- https://access.redhat.com/security/cve/CVE-2005-4886
- https://www.cve.org/CVERecord?id=CVE-2005-4886 https://nvd.nist.gov/vuln/detail/CVE-2005-4886
- https://access.redhat.com/errata/RHSA-2005:514
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4886.json
Frequently Asked Questions
What is the severity of CVE-2005-4886?
CVE-2005-4886 has a medium severity rating due to potential security impacts in affected Linux kernel versions.
How do I fix CVE-2005-4886?
To fix CVE-2005-4886, update your Linux kernel to version 2.6.12 or later, which includes the necessary patches.
What versions of the Linux kernel are affected by CVE-2005-4886?
CVE-2005-4886 affects Linux kernel versions up to and including 2.6.12.
What does CVE-2005-4886 impact?
CVE-2005-4886 impacts the SELinux functionality within the Linux kernel, particularly related to ipv6_skip_exthdr().
Who reported CVE-2005-4886?
CVE-2005-4886 was reported by Herbert Xu and subsequently addressed by David S. Miller.
- agent/author
- agent/type
- collector/redhat-cve
- source/Red Hat
- agent/first-publish-date
- agent/softwarecombine
- collector/redhat-bugzilla
- alias/CVE-2005-4886
- agent/software-canonical-lookup
- agent/references
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/nvd-historical
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- version/linux kernel/2.6.12
- version/linux kernel/2.6.0
- version/linux kernel/2.6.0-test1
- version/linux kernel/2.6.0-test10
- version/linux kernel/2.6.0-test11
- version/linux kernel/2.6.0-test2
- version/linux kernel/2.6.0-test3
- version/linux kernel/2.6.0-test4
- version/linux kernel/2.6.0-test5
- version/linux kernel/2.6.0-test6
- version/linux kernel/2.6.0-test7
- version/linux kernel/2.6.0-test8
- version/linux kernel/2.6.0-test9
- version/linux kernel/2.6.1
- version/linux kernel/2.6.1-rc1
- version/linux kernel/2.6.1-rc2
- version/linux kernel/2.6.1-rc3
- version/linux kernel/2.6.2
- version/linux kernel/2.6.2-rc1
- version/linux kernel/2.6.2-rc2
- version/linux kernel/2.6.2-rc3
- version/linux kernel/2.6.3
- version/linux kernel/2.6.3-rc1
- version/linux kernel/2.6.3-rc2
- version/linux kernel/2.6.3-rc3
- version/linux kernel/2.6.3-rc4
- version/linux kernel/2.6.4
- version/linux kernel/2.6.4-rc1
- version/linux kernel/2.6.4-rc2
- version/linux kernel/2.6.4-rc3
- version/linux kernel/2.6.5
- version/linux kernel/2.6.5-rc1
- version/linux kernel/2.6.5-rc2
- version/linux kernel/2.6.5-rc3
- version/linux kernel/2.6.6
- version/linux kernel/2.6.6-rc1
- version/linux kernel/2.6.6-rc2
- version/linux kernel/2.6.6-rc3
- version/linux kernel/2.6.7
- version/linux kernel/2.6.7-rc1
- version/linux kernel/2.6.7-rc2
- version/linux kernel/2.6.7-rc3
- version/linux kernel/2.6.8
- version/linux kernel/2.6.8.1
- version/linux kernel/2.6.9
- version/linux kernel/2.6.9-rc1
- version/linux kernel/2.6.9-rc2
- version/linux kernel/2.6.9-rc3
- version/linux kernel/2.6.9-rc4
- version/linux kernel/2.6.10
- version/linux kernel/2.6.10-rc1
- version/linux kernel/2.6.10-rc2
- version/linux kernel/2.6.10-rc3
- version/linux kernel/2.6.11
- version/linux kernel/2.6.11.1
- version/linux kernel/2.6.11.2
- version/linux kernel/2.6.11.3
- version/linux kernel/2.6.11.4
- version/linux kernel/2.6.11.5
- version/linux kernel/2.6.11.6
- version/linux kernel/2.6.11.7
- version/linux kernel/2.6.11.8
- version/linux kernel/2.6.11.9
- version/linux kernel/2.6.11.10
- version/linux kernel/2.6.11.11
- version/linux kernel/2.6.11.12
- version/linux kernel/2.6.12-rc1
- version/linux kernel/2.6.12-rc2