Candidate: CVE-2005-1264 References: MLIST:[linux-kernel] 20050517 [PATCH] Fix root hole in raw device URL: VULNWATCH:20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability URL: VULNWATCH:20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability URL: CONFIRM: FRSIRT:ADV-2005-0557 URL: Description: Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589. Notes: dannf> Code is very different in 2.4, don't know if its vulnerable Bugs: upstream: released ( linux-2.6: N/A 2.6.8-sarge-security: released (2.6.8-16) [drivers-block-raw-ioctl.dpatch] 2.4.27-sarge-security: ignored (2.4.27-10sarge3) 2.6.18-etch-security: N/A