Linux Kernel Binfmt_elf Loader Vulnerability in 2.4.x and 2.6.x
CVE-2004-1071

Currently unrated

Key Information:

Vendor: Suse
Status: Suse Linux; Linux Kernel; Enterprise Linux; Fedora Core
Vendor: CVE Published:; 10 January 2005

Summary

The binfmt_elf loader in certain versions of the Linux kernel fails to properly manage a failed mmap function call. This vulnerability can result in an incorrectly mapped image, potentially enabling local users to execute arbitrary code with elevated privileges. This flaw affects Linux kernel versions between 2.4.x (up to 2.4.27) and 2.6.x (up to 2.6.8), posing a significant security risk to systems relying on these versions.

References

http://secunia.com/advisories/20163

third-party-advisoryx_refsource_SECUNIA

http://www.debian.org/security/2006/dsa-1082

vendor-advisoryx_refsource_DEBIAN

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRAKE

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 29, 2004