Candidate: CVE-2005-3257
References: 
 URL: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2005-3257
 CONFIRM: http://article.gmane.org/gmane.linux.debian.devel.bugs.general/8533
Description: 
 The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12 allows local
 users to use the KDSKBSENT ioctl on terminals of other users and gain
 privileges, as demonstrated by modifying key bindings using loadkeys. 
Bugs: 334113
Notes: 
 The first patch is the bit that adds the capability check; the second
 one makes it less anal (only apply to writes).
 jmm> The patch targeted to 2.6.14.4 is slightly different, needs to be
 jmm> sorted out.
upstream: released (2.4.32-rc3), released (2.6.15-rc1), released (2.6.14.4)
2.6.8-sarge-security: released (2.6.8-16sarge2) [setkeys-needs-root-1.dpatch, setkeys-needs-root-2.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [197_setkeys-needs-root-1.diff, 197_setkeys-needs-root-2.diff]
linux-2.6: released (2.6.14-6)
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: 
2.4.18-woody-security-hppa: