CERTA-2004-AVI-131
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité présente dans le noyau Linux peut être exploitée par un utilisateur mal intentionné afin de réaliser une élévation de privilèges.
Description
Une vulnérabilité de type débordement de mémoire est présente dans deux fonctions du noyau Linux relatives à la gestion des liens symboliques du système de fichiers ISO9660.
Un utilisateur mal intentionné peut exploiter cette vulnérabilité afin de réaliser une élévation de privilèges.
Contournement provisoire
Pour les noyaux Linux modulaires, désactiver le chargement du module isofs.
Solution
Les versions 2.4.26 et 2.6.6-rc1 du noyau Linux corrigent cette vulnérabilité :
http://www.kernel.org
Impacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Linux 2.4.25 et versions ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Linux 2.6.5 et versions ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire est pr\u00e9sente dans deux\nfonctions du noyau Linux relatives \u00e0 la gestion des liens symboliques du\nsyst\u00e8me de fichiers ISO9660.\n\nUn utilisateur mal intentionn\u00e9 peut exploiter cette vuln\u00e9rabilit\u00e9 afin\nde r\u00e9aliser une \u00e9l\u00e9vation de privil\u00e8ges.\n\n## Contournement provisoire\n\nPour les noyaux Linux modulaires, d\u00e9sactiver le chargement du module\nisofs.\n\n## Solution\n\nLes versions 2.4.26 et 2.6.6-rc1 du noyau Linux corrigent cette\nvuln\u00e9rabilit\u00e9 :\n\n http://www.kernel.org\n",
"cves": [],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE-SA:2004:09 de SuSE :",
"url": "http://www.suse.com/de/security/2004_09_kernel.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 MDKSA-2004:029 de Mandrake :",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:029"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 de Debian : \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495",
"url": "http://www.debian.org/security/2004/dsa-479"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RHSA-2004:183 pour Red Hat Enterprise Linux :",
"url": "https://rhn.redhat.com/errata/RHSA-2004-183.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 de Debian : \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495",
"url": "http://www.debian.org/security/2004/dsa-480"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 de Debian : \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495",
"url": "http://www.debian.org/security/2004/dsa-481"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 04.14.04 d\u0027iDEFENSE :",
"url": "http://www.idefense.com/application/poi/display?id=101\u0026type=vulnerabilities"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 de Debian : \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495",
"url": "http://www.debian.org/security/2004/dsa-482"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200407-02 du 03 juillet 2004 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-02.xml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RHSA-2004:166 pour Red Hat Linux :",
"url": "https://rhn.redhat.com/errata/RHSA-2004-166.html"
}
],
"reference": "CERTA-2004-AVI-131",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2004-04-15T00:00:00.000000"
},
{
"description": "ajout r\u00e9f\u00e9rences aux bulletins DSA-489, DSA-491, DSA-495 de Debian et RHSA-166, RHSA-183 de Red Hat.",
"revision_date": "2004-04-27T00:00:00.000000"
},
{
"description": "ajout r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200407-02.",
"revision_date": "2004-07-07T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans le noyau Linux peut \u00eatre exploit\u00e9e par\nun utilisateur mal intentionn\u00e9 afin de r\u00e9aliser une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Vuln\u00e9rabilit\u00e9 du noyau linux",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 0.14.04 d\u0027iDEFENSE",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…