Main Vulnerability Database Exploits ID:10801 - Exploit for Out-of-bounds read in Linux kernel - CVE-2004-1137

ID:10801 - Exploit for Out-of-bounds read in Linux kernel - CVE-2004-1137

Published: November 5, 2024

Vulnerability identifier: #VU99735

Vulnerability risk: Low

CVE-ID: CVE-2004-1137

CWE-ID: CWE-125

Exploitation vector: Remote access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/686/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.

Remediation

Install update from vendor's repository.

ID:10801 - Exploit for Out-of-bounds read in Linux kernel - CVE-2004-1137

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human