Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2302

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2004-2302
Last Modified 07 Mar 2011 09:18:41
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2004-2302

Summary

Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.10


References

SUSE - SUSE-SA:2005:044

CONFIRM - http://linux.bkbits.net:8080/linux-2.6/cset%404186a4deVoR88JjTwMa3ZnIp-_YJsA

CONFIRM - http://kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.10-rc1/2.6.10-rc1-mm1/broken-out/fix-race-in-sysfs_read_file-and-sysfs_write_file.patch

MANDRAKE - MDKSA-2005:219

BID - 13091

MANDRAKE - MDKSA-2005:218

DEBIAN - DSA-922

SECUNIA - 18056

SECUNIA - 17826


Last Updated: 27 May 2016 10:39:25