SB2004120601 - Improper input validation in Linux kernel
Published: December 6, 2004 Updated: August 7, 2024
Security Bulletin ID
SB2004120601
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper input validation (CVE-ID: CVE-2004-0497)
The vulnerability allows a local user to corrupt data.
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
Remediation
Install update from vendor's website.
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066
- http://www.novell.com/linux/security/advisories/2004_20_kernel.html
- http://www.redhat.com/support/errata/RHSA-2004-354.html
- http://www.redhat.com/support/errata/RHSA-2004-360.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867