Security restrictions bypass in Linux kernel - CVE-2004-0001
Published: February 17, 2004 / Updated: October 10, 2017
Vulnerability identifier: #VU99954
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2004-0001
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to execute arbitrary code.
Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
How to mitigate CVE-2004-0001
Install update from vendor's repository.
Sources
- http://security.gentoo.org/glsa/glsa-200402-06.xml
- http://www.kb.cert.org/vuls/id/337238
- http://www.redhat.com/support/errata/RHSA-2004-017.html
- http://www.securityfocus.com/bid/9429
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14888
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A868