Main Vulnerability Database Vulnerabilities #VU100019

Improper privilege management in Linux kernel - CVE-1999-1166

Published: July 11, 1999 / Updated: November 7, 2024

Vulnerability identifier: #VU100019

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-1999-1166

CWE-ID: CWE-269

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to execute arbitrary code.

Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.

How to mitigate CVE-1999-1166

Install update from vendor's repository.

Sources

http://www.securityfocus.com/archive/1/18156
http://www.securityfocus.com/bid/523

Improper privilege management in Linux kernel - CVE-1999-1166

Detailed vulnerability description

How to mitigate CVE-1999-1166

Sources

Please verify you're human