CVE-2005-3257

Linux Kernel - Access Control

Title source: rule
STIX 2.1

Description

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Rudolf Polzer · textlocallinux
https://www.exploit-db.com/exploits/26353

References (18)

Core 18
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHBA-2007-0304.html
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10615
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19369
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18203
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17226
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1018
Exploit, Vendor Advisory x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334113
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19185
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15122
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17826
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1017
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19374
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/231-1/
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17995

Scores

EPSS 0.0039
EPSS Percentile 59.9%

Details

CWE
CWE-264
Status published
Products (2)
linux/linux_kernel 2.6.12
linux/linux_kernel 2.6.14.4
Published Oct 18, 2005
Tracked Since Feb 18, 2026