Vulnerability in USB Drivers of Linux 2.4 Kernel Affecting Local Users
CVE-2004-0685

Currently unrated

Key Information:

Vendor
Linux
Status
Linux Kernel
Secure Linux
Enterprise Linux Desktop
Enterprise Linux
Vendor
CVE Published:
23 December 2004

Summary

Certain USB drivers in the Linux 2.4 kernel improperly utilize the copy_to_user function on uninitialized structures. This oversight can permit local users to access sensitive information by reading memory sections that were not cleared after previous usages. As a result, attackers can potentially exploit this flaw to gain unauthorized insight into the system's operational data.

References

http://secunia.com/advisories/20163
third-party-advisoryx_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/981134
third-party-advisoryx_refsource_CERT-VN
https://exchange.xforce.ibmcloud.com/vulnerabilities/16931
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2004-0685 : Vulnerability in USB Drivers of Linux 2.4 Kernel Affecting Local Users | SecurityVulnerability.io