CVE-2005-4881


Severity : Medium
Published : 2009-10-19
Modified : 2012-03-19
Base Score : 4.9
Details : The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_fill_node, (3) neightbl_fill_info, (4) neightbl_fill_param_info, (5) neigh_fill_info, (6) rtnetlink_fill_ifinfo, (7) rtnetlink_fill_iwinfo, (8) vif_delete, (9) ipmr_destroy_unres, (10) ipmr_cache_alloc_unres, (11) ipmr_cache_resolve, (12) inet6_fill_ifinfo, (13) tca_get_fill, (14) tca_action_flush, (15) tcf_add_notify, (16) tc_dump_action, (17) cbq_dump_police, (18) __nlmsg_put, (19) __rta_fill, (20) __rta_reserve, (21) inet6_fill_prefix, (22) rsvp_dump, and (23) cbq_dump_ovl functions.
Product/Version : Professional PRO 5.0  
CGE 5.x  
Mobilinux 5.x  
Professional PRO 5.0  
Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
 
 
 


CVE Vulnerabilities List CVE-2005
CVE-2005-4889CVE-2005-4881CVE-2005-4811CVE-2005-4618
CVE-2005-3359CVE-2005-3358CVE-2005-3276CVE-2005-3274
CVE-2005-3273CVE-2005-3272CVE-2005-3185CVE-2005-3055
CVE-2005-2974CVE-2005-2946CVE-2005-2800CVE-2005-2492
CVE-2005-2459CVE-2005-2458CVE-2005-2457CVE-2005-2368
CVE-2005-2099CVE-2005-2098CVE-2005-1369CVE-2005-1368
CVE-2005-1260CVE-2005-1228CVE-2005-0953CVE-2005-0758
CVE-2005-0504CVE-2005-0448CVE-2005-0179CVE-2005-0069