ID CVE-2004-0001
Summary Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
References
Vulnerable Configurations
  • Linux Kernel 2.6.20.1
    cpe:2.3:o:linux:linux_kernel:2.6.20.1
CVSS
Base: 7.2 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Red Hat Local Security Checks
NASL id REDHAT-RHSA-2004-017.NASL
description Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the first regular update. The Linux kernel handles the basic functions of the operating system. This is the first regular kernel update for Red Hat Enterprise Linux version 3. It contains a new critical security fix, many other bug fixes, several device driver updates, and numerous performance and scalability enhancements. On AMD64 systems, a fix was made to the eflags checking in 32-bit ptrace emulation that could have allowed local users to elevate their privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0001 to this issue. Other bug fixes were made in the following kernel areas: VM, NPTL, IPC, kernel timer, ext3, NFS, netdump, SCSI, ACPI, several device drivers, and machine-dependent support for the x86_64, ppc64, and s390 architectures. The VM subsystem was improved to better handle extreme loads and resource contention (such as might occur during heavy database application usage). This has resulted in a significantly reduced possibility of hangs, OOM kills, and low-mem exhaustion. Several NPTL fixes were made to resolve POSIX compliance issues concerning process IDs and thread IDs. A section in the Release Notes elaborates on a related issue with file record locking in multi-threaded applications. AMD64 kernels are now configured with NUMA support, S390 kernels now have CONFIG_BLK_STATS enabled, and DMA capability was restored in the IA64 agpgart driver. The following drivers have been upgraded to new versions : cmpci ------ 6.36 e100 ------- 2.3.30-k1 e1000 ------ 5.2.20-k1 ips -------- 6.10.52 megaraid --- v1.18k megaraid2 -- v2.00.9 All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
last seen 2019-02-21
modified 2018-11-15
plugin id 12451
published 2004-07-06
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=12451
title RHEL 3 : kernel (RHSA-2004:017)
oval via4
accepted 2004-06-16T12:00:00.000-04:00
class vulnerability
contributors
  • name Matt Busby
    organization The MITRE Corporation
  • name Matt Busby
    organization The MITRE Corporation
description Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
family unix
id oval:org.mitre.oval:def:868
status accepted
submitted 2004-03-20T12:00:00.000-04:00
title Linux Kernel eflags Checking Privilege Escalation Vulnerability
version 32
redhat via4
advisories
rhsa
id RHSA-2004:017
refmap via4
bid 9429
cert-vn VU#337238
gentoo GLSA-200402-06
xf linux-ptrace-gain-privilege(14888)
Last major update 05-09-2008 - 16:37
Published 17-02-2004 - 00:00
Last modified 09-10-2017 - 21:30
Back to Top