Main Vulnerability Database SB2001123102

SB2001123102 - Security features in Linux kernel

Published: December 31, 2001

Security Bulletin ID SB2001123102

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security features (CVE-ID: CVE-2001-1551)

The vulnerability allows a local user to corrupt data.

Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.

Remediation

Install update from vendor's website.

References

http://archives.neohapsis.com/archives/bugtraq/2001-10/0179.html