CVE-2005-2555

Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel versions prior to 2.6.8 Debian GNU/Linux kernel-headers versions prior to 2.6.8 Debian GNU/Linux kernel-image versions prior to 2.6.8 Debian GNU/Linux kernel-pcmcia-modules versions prior to 2.6.8 Debian GNU/Linux lm-sensors versions prior to 2.4.27-3 Debian GNU/Linux i2c versions prior to 2.4.27-3

Description The Linux kernel does not properly restrict socket policy access to users with the CAP NET ADMIN capability, which could allow local users to conduct unauthorized activities. The vulnerability can be exploited remotely. The issue affects multiple packages in the Debian GNU/Linux operating system, including the kernel, kernel-headers, kernel-image, kernel-pcmcia-modules, lm-sensors, and i2c.

Recommendations For Debian GNU/Linux kernel versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux kernel-headers versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux kernel-image versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux kernel-pcmcia-modules versions prior to 2.6.8, update to version 2.6.8 or later. For Debian GNU/Linux lm-sensors versions prior to 2.4.27-3, update to version 2.4.27-3 or later. For Debian GNU/Linux i2c versions prior to 2.4.27-3, update to version 2.4.27-3 or later.