CVE-2004-1070

Upstream information

CVE-2004-1070 at MITRE

Description

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	7.2
Vector	AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector	Local
Access Complexity	Low
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entries: 60632 [RESOLVED / FIXED], 74701 [RESOLVED / WONTFIX]

SUSE Security Advisories:

SUSE-SA:2004:042 SUSE-SR:2004:002 SUSE-SR:2004:003

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 01:03:23 2013
CVE page last modified: Thu Dec 7 12:11:43 2023

CVE-2004-1070

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

SUSE Security Advisories:

SUSE Timeline for this CVE

Business-Critical Linux

Enterprise Container Management

Edge

Solutions

Industries

Support

Services

Resources

Partners

Communities

About