Main Vulnerability Database SB2004080604

SB2004080604 - Null pointer dereference in Linux kernel

Published: August 6, 2004

Security Bulletin ID SB2004080604

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Null pointer dereference (CVE-ID: CVE-2004-0596)

The vulnerability allows a local user to perform service disruption.

The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.

Remediation

Install update from vendor's website.

References

http://linux.bkbits.net:8080/linux-2.6/cset@40d4aa72hPLWy-jMLr0eJAXMxHcNZg
http://www.securityfocus.com/bid/10730
https://exchange.xforce.ibmcloud.com/vulnerabilities/16694