CVE-2005-1264

Description

Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.

Risk Information

Base Score

6.2

MODERATE

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

Exploitation Probability

0.052

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234