CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
14.1%
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | 2.2.0 | cpe:2.3:o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.1 | cpe:2.3:o:linux:linux_kernel:2.2.1:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.2 | cpe:2.3:o:linux:linux_kernel:2.2.2:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.3 | cpe:2.3:o:linux:linux_kernel:2.2.3:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.4 | cpe:2.3:o:linux:linux_kernel:2.2.4:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.5 | cpe:2.3:o:linux:linux_kernel:2.2.5:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.6 | cpe:2.3:o:linux:linux_kernel:2.2.6:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.7 | cpe:2.3:o:linux:linux_kernel:2.2.7:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.8 | cpe:2.3:o:linux:linux_kernel:2.2.8:*:*:*:*:*:*:* |
linux | linux_kernel | 2.2.9 | cpe:2.3:o:linux:linux_kernel:2.2.9:*:*:*:*:*:*:* |
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txt
archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.html
marc.info/?l=bugtraq&m=105301461726555&w=2
rhn.redhat.com/errata/RHSA-2003-088.html
rhn.redhat.com/errata/RHSA-2003-098.html
security.gentoo.org/glsa/glsa-200303-17.xml
www.debian.org/security/2003/dsa-270
www.debian.org/security/2003/dsa-276
www.debian.org/security/2003/dsa-311
www.debian.org/security/2003/dsa-312
www.debian.org/security/2003/dsa-332
www.debian.org/security/2003/dsa-336
www.debian.org/security/2004/dsa-423
www.debian.org/security/2004/dsa-495
www.kb.cert.org/vuls/id/628849
www.mandriva.com/security/advisories?name=MDKSA-2003:038
www.mandriva.com/security/advisories?name=MDKSA-2003:039
www.redhat.com/support/errata/RHSA-2003-103.html
www.redhat.com/support/errata/RHSA-2003-145.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A254