Upstream information

CVE-2004-1058 at MITRE

Description

Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 1.2
Vector AV:L/AC:H/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
SUSE Bugzilla entry: 145104 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SuSE Linux Enterprise Server 8 for IBM zSeries
  • k_deflt >= 2.4.21-306
  • kernel-source >= 2.4.21-306
Builds
SuSE Linux Desktop 1.0
  • k_athlon >= 2.4.19-388
  • k_deflt >= 2.4.19-388
  • k_psmp >= 2.4.19-388
  • k_smp >= 2.4.19-388
  • kernel-source >= 2.4.19.SuSE-388
Builds
SuSE Linux Enterprise Server 8 for IPF
UnitedLinux 1.0
  • k_deflt >= 2.4.21-306
  • k_itanium2 >= 2.4.21-306
  • k_itanium2-smp >= 2.4.21-306
  • k_page-64k >= 2.4.21-306
  • k_smp >= 2.4.21-306
  • kernel-source >= 2.4.21-306
Builds
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
  • kernel-iseries64 >= 2.4.21-306
  • kernel-ppc64 >= 2.4.21-306
  • kernel-source >= 2.4.21-306
Builds
SuSE Linux Enterprise Server 8 for AMD64
UnitedLinux 1.0
  • k_deflt >= 2.4.21-306
  • k_numa >= 2.4.21-306
  • k_smp >= 2.4.21-306
  • kernel-source >= 2.4.21-306
Builds
SUSE LINUX Retail Solution 8
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • k_athlon >= 2.4.21-306
  • k_debug >= 2.4.21-306
  • k_deflt >= 2.4.21-306
  • k_psmp >= 2.4.21-306
  • k_smp >= 2.4.21-306
  • kernel-source >= 2.4.21-306
Builds