Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0956


Vulnerability Score 2.6 2.6
CVE Id CVE-2003-0956
Last Modified 05 Sep 2008 04:35:39
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE



Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.22



XF - linux-kernel-odirect-information-disclosure(42942)

Last Updated: 27 May 2016 10:38:06