Red Hat Enterprise Linux kernel-2.4.21 does not perform adequate checking of eflags when in 32-bit ptrace emulation mode

Overview

Red Hat Enterprise Linux kernel prior to version 2.4.21 does not perform adequate checking of eflags when in 32-bit ptrace emulation mode. This could allow a local user to gain elevated or root privileges.

Description

The Linux kernel handles the basic functionality of the operating system. There is a vulnerability in the checking of eflags when in 32-bit ptrace emulation mode allowing a local user to gain elevated or root privileges. This vulnerability is reported to only affect kernels built for the AMD64 architecture.

---

Impact

A local user could gain elevated or root privileges.

---

Solution

Upgrade or Apply Patch
Upgrade or apply patch as specified by your vendor.

---

Vendor Information

337238

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Red Hat Inc. __ Affected

Updated: January 20, 2004

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see RHSA-2004:017-06.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23337238 Feedback>).

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <https://rhn.redhat.com/errata/RHSA-2004-017.html&gt;
• <http://www.secunia.com/advisories/10658/&gt;
• <http://www.ciac.org/ciac/bulletins/o-063.shtml&gt;

Acknowledgements

Thanks to Red Hat Inc. for the information contained in their advisory.

This document was written by Damon Morda.

Other Information

CVE IDs:	CVE-2004-0001
Severity Metric:	2.95 Date Public: