Linux Kernel本地鼠标和键盘事件注入漏洞-一一网

漏洞信息详情

Linux Kernel本地鼠标和键盘事件注入漏洞

CNNVD编号：CNNVD-200505-161

危害等级：高危
CVE编号：
CVE-2005-0839
漏洞类型：

访问验证错误
发布时间：

2005-05-02
威胁类型：

本地
更新时间：

2005-10-20
厂商：

linux
漏洞来源：
The vendor disclos…

漏洞简介

Linux kernel 2.6.11之前的2.6版本，并未限制对TTY的N_MOUSE线路规程的访问，从而允许本地用户可以通过将鼠标或键盘事件注入到其他用户会话中来获取权限。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Linux kernel 2.6.8 rc1

Ubuntu linux-doc-2.6.8.1_2.6.8.1-16.13_all.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-doc-2.6.8.1_2.6.8.1-16.13_all.deb

Ubuntu linux-headers-2.6.8.1-5-386_2.6.8.1-16.13_i386.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-386_2.6.8.1-16.13_i386.deb

Ubuntu linux-headers-2.6.8.1-5-686-smp_2.6.8.1-16.13_i386.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-686-smp_2.6.8.1-16.13_i386.deb

Ubuntu linux-headers-2.6.8.1-5-686_2.6.8.1-16.13_i386.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-686_2.6.8.1-16.13_i386.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-generic_2.6.8.1-16.13_amd64.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-generic_2.6.8.1-16.13_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.13_amd64.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.13_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-k8_2.6.8.1-16.13_amd64.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-k8_2.6.8.1-16.13_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-xeon_2.6.8.1-16.13_amd64.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-xeon_2.6.8.1-16.13_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-k7-smp_2.6.8.1-16.13_i386.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-k7-smp_2.6.8.1-16.13_i386.deb

Ubuntu linux-headers-2.6.8.1-5-k7_2.6.8.1-16.13_i386.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-k7_2.6.8.1-16.13_i386.deb

Ubuntu linux-headers-2.6.8.1-5-power3-smp_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power3-smp_2.6.8.1-16.13_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-power3_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power3_2.6.8.1-16.13_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-power4-smp_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power4-smp_2.6.8.1-16.13_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-power4_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power4_2.6.8.1-16.13_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-powerpc-smp_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-powerpc-smp_2.6.8.1-16.13_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-powerpc_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-powerpc_2.6.8.1-16.13_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.13_amd64.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5_2.6.8.1-16.13_amd64.deb

Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.13_i386.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5_2.6.8.1-16.13_i386.deb

Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.13_powerpc.deb

Ubuntu 4.10 (Warty Warthog)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.

参考网址

来源: MLIST

名称: [linux-kernel] 20050301 Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline.

链接:http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg64704.html

来源: MISC

链接:http://linux.bkbits.net:8080/linux-2.6/cset@41fa6464E1UuGu6zmketEYxm73KSyQ

来源: FEDORA

名称: FLSA:157459-3

链接:http://www.securityfocus.com/archive/1/archive/1/427980/100/0/threaded

来源: REDHAT

名称: RHSA-2005:366

链接:http://www.redhat.com/support/errata/RHSA-2005-366.html

更多>>

文章版权归作者所有，未经允许请勿转载。

THE END

信息安全

IRIX fsdump命令权限许可和访问控制漏洞

2020全网最简单破解水卡饭卡教程

手把手教你构建垃圾分类系统-基于tensorflow2.3

Phoenix Evolution CMS 多个跨站脚本攻击漏洞

prismjs 高亮在vite中使用

王道《操作系统》学习笔记（3）：内存

Linux Kernel本地鼠标和键盘事件注入漏洞

漏洞信息详情

Linux Kernel本地鼠标和键盘事件注入漏洞

漏洞简介

漏洞公告

参考网址

受影响实体