Main Vulnerability Database Vulnerabilities #VU99939

Improper input validation in Linux kernel - CVE-2004-1234

Published: December 31, 2004 / Updated: October 11, 2017

Vulnerability identifier: #VU99939

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2004-1234

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to perform service disruption.

load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.

How to mitigate CVE-2004-1234

Install update from vendor's repository.

Sources

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=142965
http://linux.bkbits.net:8080/linux-2.4/cset@4076466d_SqUm4azg4_v3FIG2-X6XQ
http://secunia.com/advisories/20162
http://secunia.com/advisories/20163
http://secunia.com/advisories/20202
http://secunia.com/advisories/20338
http://www.debian.org/security/2006/dsa-1067
http://www.debian.org/security/2006/dsa-1069
http://www.debian.org/security/2006/dsa-1070
http://www.debian.org/security/2006/dsa-1082
http://www.redhat.com/support/errata/RHSA-2004-689.html
http://www.redhat.com/support/errata/RHSA-2005-016.html
http://www.redhat.com/support/errata/RHSA-2005-017.html
http://www.securityfocus.com/bid/12101
https://bugzilla.fedora.us/show_bug.cgi?id=2336
https://exchange.xforce.ibmcloud.com/vulnerabilities/18687
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10608

Improper input validation in Linux kernel - CVE-2004-1234

Detailed vulnerability description

How to mitigate CVE-2004-1234

Sources

Please verify you're human