Main Vulnerability Database Vulnerabilities #VU95478

#VU95478 Improper input validation in Linux kernel - CVE-2004-0497

Published: December 6, 2004 / Updated: August 7, 2024

Vulnerability identifier: #VU95478

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2004-0497

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to corrupt data.

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

Install update from vendor's repository.