SB2004123109 - Security restrictions bypass in Linux kernel

Description

This security bulletin contains information about 1 vulnerability.

1) Security restrictions bypass (CVE-ID: CVE-2004-1144)

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to execute arbitrary code.

Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.

Remediation

Install update from vendor's website.

References

• http://marc.info/?l=bugtraq&m=110376890429798&w=2
• http://www.redhat.com/support/errata/RHSA-2004-689.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/18686
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10439