CVE-2004-1070

Currently unrated

Key Information:

Vendor: Suse
Status: Suse Linux; Linux Kernel; Enterprise Linux; Fedora Core
Vendor: CVE Published:; 10 January 2005

Summary

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

References

http://secunia.com/advisories/20163

third-party-advisoryx_refsource_SECUNIA

http://www.debian.org/security/2006/dsa-1082

vendor-advisoryx_refsource_DEBIAN

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRAKE

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 29, 2004