blob: 4c749bfd514bf3a22e60a2fea23e29da4ec86dcf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
Candidate: CVE-2005-1263
References:
BUGTRAQ:20050511 Linux kernel ELF core dump privilege elevation
URL:http://www.securityfocus.com/archive/1/397966
MISC:http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt
FRSIRT:ADV-2005-0524
URL:http://www.frsirt.com/english/advisories/2005/0524
OVAL:OVAL1122
URL:http://oval.mitre.org/oval/definitions/data/oval1122.html
Description:
The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to
2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users
to execute arbitrary code via an ELF binary that, in certain conditions
involving the create_elf_tables function, causes a negative length argument
to pass a signed integer comparison, leading to a buffer overflow.
Notes:
Bugs:
upstream: released (2.2.27-rc2, 2.4.31-pre1, 2.6.12-rc4)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16)
2.4.27-sarge-security: released (2.4.27-10)
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|