Race Condition in SELinux Affects Local Users of Linux Kernel
CVE-2004-1069

Currently unrated

Key Information:

Vendor: Linux
Status: Linux Kernel; Ubuntu Linux
Vendor: CVE Published:; 10 January 2005

Summary

A race condition exists in SELinux versions 2.6.x through 2.6.9, allowing local users to exploit unhandled SOCK_SEQPACKET unix domain sockets. This vulnerability can lead to a denial of service by causing the kernel to crash due to improper handling in the sock_dgram_sendmsg function. Users are advised to implement patches and updates to secure their systems.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRAKE

http://marc.info/?l=bugtraq&m=110306397320336&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=linux-kernel&m=110045613004761

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 29, 2004