Improper access control in Linux kernel - CVE-2003-0127

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU95664

Improper access control in Linux kernel - CVE-2003-0127

Published: March 31, 2003 / Updated: August 9, 2024


Vulnerability identifier: #VU95664
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2003-0127
CWE-ID: CWE-284
Exploitation vector: Local access
Exploit availability: Public exploit is available
Vendor: Linux Foundation
Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to execute arbitrary code.

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.


How to mitigate CVE-2003-0127

Install update from vendor's repository.

Sources