Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0138

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2004-0138
Last Modified 21 Aug 2010 12:19:38
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0138

Summary

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.20

  • Linux Kernel 2.4.21

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.24

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.4

  • Linux Kernel 2.4.5

  • Linux Kernel 2.4.6

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9


References

DEBIAN - DSA-1082

DEBIAN - DSA-1070

DEBIAN - DSA-1069

DEBIAN - DSA-1067

SECUNIA - 20202

SECUNIA - 20163

SECUNIA - 20162

CONFIRM - http://linux.bkbits.net:8080/linux-2.4/cset@4021346f79nBb-4X_usRikR3Iyb4Vg

CONFIRM - http://kernel.debian.net/debian/pool/main/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_ia64.changes

XF - linux-kernel-elfloader-dos(43124)

BID - 18174

REDHAT - RHSA-2004:549

REDHAT - RHSA-2004:504

SECUNIA - 20338

CONFIRM - http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.25


Last Updated: 27 May 2016 10:38:29