CVE-2005-4783
NetBSD - Unauthenticated Arbitrary Kernel Memory Read via kernfs_xread Negative Offset
Title source: llmDescription
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
References (7)
Core 7
Core References
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015132
Patch x_refsource_confirm
http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h
Patch x_refsource_confirm
http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20729
Patch vendor-advisory
x_refsource_netbsd
http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt
Various Sources mailing-list
x_refsource_mlist
http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html
Patch x_refsource_confirm
http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c
Scores
EPSS
0.0008
EPSS Percentile
23.3%
Details
Status
published
Products (4)
netbsd/netbsd
1.6
netbsd/netbsd
2.0
netbsd/netbsd
2.0.3
netbsd/netbsd
2.1
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026