Local Privilege Escalation in Linux Kernel 2.6 by POSIX Capability LSM
CVE-2004-1337

Currently unrated

Key Information:

Vendor: Gnu
Status: Realtime Linux Security Module; Linux
Vendor: CVE Published:; 23 December 2004

What is CVE-2004-1337?

The POSIX Capability Linux Security Module (LSM) for Linux Kernel 2.6 does not correctly manage process credentials for processes initiated before the module's activation. This oversight enables local users to escalate their privileges, potentially compromising system security. Proper implementation and updates are essential to mitigate this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18673

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=110384535113035&w=2

mailing-listx_refsource_BUGTRAQ

http://distro.conectiva.com.br/atualizacoes/index.php?id=...

vendor-advisoryx_refsource_CONECTIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jan 6, 2005
Vulnerability published
Dec 23, 2004

Gnu

What is CVE-2004-1337?

References

Timeline