Vulnerability Note VU#337238
Red Hat Enterprise Linux kernel-2.4.21 does not perform adequate checking of eflags when in 32-bit ptrace emulation mode
Overview
The Red Hat Enterprise Linux kernel prior to version 2.4.21 does not perform adequate checking of eflags when in 32-bit ptrace emulation mode. This could allow a local user to gain elevated or root privileges.
Description
The Linux kernel handles the basic functionality of the operating system. A vulnerability in the checking of eflags when in 32-bit ptrace emulation mode allows a local user to gain elevated or root privileges. This vulnerability is reported to affect only kernels built for the AMD64 architecture.
Impact
A local user could gain elevated or root privileges.
Solution
Upgrade or Apply Patch
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Red Hat Inc. | Affected | - | 20 Jan 2004 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- https://rhn.redhat.com/errata/RHSA-2004-017.html
- http://www.secunia.com/advisories/10658/
- http://www.ciac.org/ciac/bulletins/o-063.shtml
Credit
Thanks to Red Hat Inc. for the information contained in their advisory.
This document was written by Damon Morda.
Other Information
- CVE IDs: CAN-2004-0001
- Date Public: 16 Jan 2004
- Date First Published: 20 Jan 2004
- Date Last Updated: 20 Jan 2004
- Severity Metric: 2.95
- Document Revision: 12