Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel privilege escalation
updated since 11.11.2004
Published:18.02.2007
Source:
SecurityVulns ID:4173
Type:remote
Threat Level:
5/10
Description:Invalid exception conditions handling leads to multiple reace conditions with privileged memory access.
Affected:LINUX : kernel 2.4
 LINUX : kernel 2.6
CVE:CVE-2007-0958 (Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.)
 CVE-2004-1073 (The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.)
Original documentdocumentKatrina Tsipenyuk, Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel (18.12.2004)
 documentPaul Starzetz, Linux ELF loader vulnerabilities (11.11.2004)
Files:ChangeLog-2.6.20

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod