Description
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
Product(s):
- Linux Linux Kernel RC7
- Linux Kernel 2.2
- Linux Kernel 2.2.10
- Linux Kernel 2.2.11
- Linux Kernel 2.2.12
- Linux Kernel 2.2.13
- Linux Kernel 2.2.13 pre15
- Linux Kernel 2.2.14
- Linux Kernel 2.2.15
- Linux Kernel 2.2.15 pre16
- Linux Linux Kernel 2.2.15_pre20
- Linux Kernel 2.2.16
- Linux Kernel 2.2.16 pre5
- Linux Kernel 2.2.16 pre6
- Linux Kernel 2.2.17
- Linux Kernel 2.2.17.14
- Linux Kernel 2.2.18
- Linux Kernel 2.2.19
- Linux Kernel 2.2.1
- Linux Kernel 2.2.20
- Linux Kernel 2.2.21
- Linux Kernel 2.2.21 pre1
- Linux Kernel 2.2.21 pre2
- Linux Kernel 2.2.21 pre3
- Linux Kernel 2.2.21 pre4
- Linux Kernel 2.2.21 rc1
- Linux Kernel 2.2.21 rc2
- Linux Kernel 2.2.21 rc3
- Linux Kernel 2.2.21 rc4
- Linux Kernel 2.2.22
- Linux Kernel 2.2.22 rc1
- Linux Kernel 2.2.22 rc2
- Linux Kernel 2.2.22 rc3
- Linux Kernel 2.2.23
- Linux Kernel 2.2.23 rc1
- Linux Kernel 2.2.23 rc2
- Linux Kernel 2.2.24
- Linux Kernel 2.2.24 rc2
- Linux Kernel 2.2.24 rc3
- Linux Kernel 2.2.24 rc4
- Linux Kernel 2.2.24 rc5
- Linux Kernel 2.2.25
- Linux Kernel 2.2.2
- Linux Kernel 2.2.3
- Linux Kernel 2.2.4
- Linux Kernel 2.2.4 rc1
- Linux Kernel 2.2.5
- Linux Kernel 2.2.6
- Linux Kernel 2.2.7
- Linux Kernel 2.2.8
- Linux Kernel 2.2.9
- Linux Kernel 2.3
- Linux Kernel 2.3.99
- Linux Kernel 2.3.99 pre1
- Linux Kernel 2.3.99 pre2
- Linux Kernel 2.3.99 pre3
- Linux Kernel 2.3.99 pre4
- Linux Kernel 2.3.99 pre5
- Linux Kernel 2.3.99 pre6
- Linux Kernel 2.3.99 pre7
- Linux Kernel 2.3.99 pre8
- Linux Kernel 2.3.99 pre9
- Linux Kernel 2.4.0
- Linux Kernel 2.4.0 test10
- Linux Kernel 2.4.0 test11
- Linux Kernel 2.4.0 test12
- Linux Kernel 2.4.0 test1
- Linux Kernel 2.4.0 test2
- Linux Kernel 2.4.0 test3
- Linux Kernel 2.4.0 test4
- Linux Kernel 2.4.0 test5
- Linux Kernel 2.4.0 test6
- Linux Kernel 2.4.0 test7
- Linux Kernel 2.4.0 test8
- Linux Kernel 2.4.0 test9
- Linux Kernel 2.4.10
- Linux Kernel 2.4.11
- Linux Kernel 2.4.11 pre3
- Linux Kernel 2.4.12
- Linux Kernel 2.4.13
- Linux Kernel 2.4.14
- Linux Kernel 2.4.15
- Linux Kernel 2.4.16
- Linux Kernel 2.4.17
- Linux Kernel 2.4.18
- Linux Kernel 2.4.18 on X86
- Linux Kernel 2.4.18 pre1
- +190 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0504, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0504 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.
References:
- http://webappsec.pbworks.com/Buffer-Overflow
- https://capec.mitre.org/data/definitions/10.html
- https://capec.mitre.org/data/definitions/100.html
- https://capec.mitre.org/data/definitions/123.html
- https://capec.mitre.org/data/definitions/14.html
- https://capec.mitre.org/data/definitions/24.html
- https://capec.mitre.org/data/definitions/42.html
- https://capec.mitre.org/data/definitions/44.html
- https://capec.mitre.org/data/definitions/45.html
- https://capec.mitre.org/data/definitions/46.html
- https://capec.mitre.org/data/definitions/47.html
- https://capec.mitre.org/data/definitions/8.html
- https://capec.mitre.org/data/definitions/9.html
- https://nvd.nist.gov/vuln/detail/CVE-2005-0504