Upstream information

CVE-2004-1072 at MITRE

Description

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.2
Vector AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entries: 60632 [RESOLVED / FIXED], 74701 [RESOLVED / WONTFIX]

SUSE Security Advisories:


SUSE Timeline for this CVE

CVE page created: Fri Jun 28 01:03:29 2013
CVE page last modified: Fri Dec 8 16:10:39 2023