CVE-2005-0180

Name of the Vulnerable Software and Affected Versions Linux versions 2.6.x

Description The issue concerns multiple integer signedness errors in the sg scsi ioctl function. This allows local users to bypass a maximum length check, potentially enabling them to read or modify kernel memory by providing negative integers as arguments to the scsi ioctl. The errors occur before the copy from user and copy to user functions are called.

Recommendations For Linux version 2.6.x, consider restricting access to the sg scsi ioctl function until a patch is available. As a temporary workaround, avoid using negative integers in arguments to the scsi ioctl to minimize the risk of exploitation.