Local User Vulnerability in Linux Kernel Affecting ELF Binaries
CVE-2004-1073

Currently unrated

Key Information:

Vendor: Suse
Status: Suse Linux; Linux Kernel; Enterprise Linux; Fedora Core
Vendor: CVE Published:; 10 January 2005

Summary

The open_exec function in the execve system calls of Linux kernel versions up to 2.4.27 and 2.6.8 enables local users to exploit the interpreter (PT_INTERP) feature. This exploitation allows unauthorized access to read ELF binaries that should remain non-readable, potentially leading to further exploitation of system resources or sensitive information.

References

http://secunia.com/advisories/20163

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/18684

third-party-advisoryx_refsource_SECUNIA

http://www.debian.org/security/2006/dsa-1082

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 29, 2004