Vulnerability Note VU#301156
Linux kernel do_brk() function contains integer overflow
OverviewA vulnerability in the linux kernel may permit a local user to gain elevated privileges.
I. DescriptionVersions of the Linux kernel prior to 2.4.23 an integer overflow vulnerability in the brk system call (do_brk() function). This vulnerability may be exploited by a local user to gain elevated or root privileges.
An exploit for this vulnerability exists, and has been used to compromise systems.
II. ImpactA local user on the system can exploit this vulnerability to gain access to the kernel address space and gain elevated privileges.
III. SolutionThis vulnerability has been resolved in versions 2.4.23 for the 2.4 kernel tree, and the 2.6.0-test6 kernel tree. Please check the "Systems Affected" section for vendor-specific releases.
Systems Affected
References
http://www.secunia.com/advisories/10328/
http://www.secunia.com/advisories/10329/
http://www.secunia.com/advisories/10333/
http://www.secunia.com/advisories/10330/
http://www.secunia.com/advisories/10338/
Credit
Thanks to Wichert Akkerman for reporting this vulnerability.
This document was written by Jason A Rafail.
Other Information
| Date Public: | 2003-12-01 |
| Date First Published: | 2003-12-02 |
| Date Last Updated: | 2003-12-02 |
| CERT Advisory: | |
| CVE-ID(s): | CAN-2003-0961 |
| NVD-ID(s): | CAN-2003-0961 |
| US-CERT Technical Alerts: | |
| Metric: | 23.62 |
| Document Revision: | 9 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|