Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1040

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2003-1040
Last Modified 21 Aug 2010 12:17:35
Published 15 Apr 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1040

Summary

kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0


References

XF - linux-kmod-signals-dos(15577)

REDHAT - RHSA-2004:188

REDHAT - RHSA-2004:106

REDHAT - RHSA-2004:069

REDHAT - RHSA-2004:065

SUSE - SuSE-SA:2003:049

CONFIRM - http://linux.bkbits.net:8080/linux-2.4/diffs/kernel/kmod.c@1.6?nav=index.html|src/|src/kernel|hist/kernel/kmod.c

SGI - 20040204-01-U

CONECTIVA - CLSA-2004:820


Last Updated: 27 May 2016 10:38:09