Upstream information

CVE-2003-0476 at MITRE

Description

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having low severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 2.1
Vector AV:L/AC:L/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-source >= 2.4.19.SuSE-142
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-source >= 2.4.19.SuSE-136
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-ppc64 >= 2.4.19-223
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-ppc64 >= 2.4.19-231
ul1.ppc
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-iseries64 >= 2.4.19-239
ul1.ppc
SuSE Linux School Server for i386
  • alice-compat >= 0.21-207
  • autoyast2 >= 2.6.44-27
  • mkisofs >= 1.11.a28-84
  • perl-XML-DOM >= 1.39-102
  • perl-XML-Generator >= 0.91-172
  • perl-XML-RegExp >= 0.03-422
  • syslinux >= 1.62-531
  • xntp-doc >= 4.1.1-331
Builds
YOU Patch Nr: 8799
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-iseries64 >= 2.4.19-233
ul1.ppc