CVE-2004-1235

Exploit

EPSS 0.08%
Published 14.04.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

Affected products Warnungen 0 Metrics 2 CWE 0 References 28

Data is provided by the National Vulnerability Database (NVD)

Avaya ≫ Mn100

Avaya ≫ Network Routing

Avaya ≫ Converged Communications Server Version2.0

Avaya ≫ S8710 Versionr2.0.0

Avaya ≫ S8710 Versionr2.0.1

Avaya ≫ Modular Messaging Message Storage Server Version1.1

Avaya ≫ Modular Messaging Message Storage Server Version2.0

Linux ≫ Linux Kernel Version2.4.0

Linux ≫ Linux Kernel Version2.4.0 Updatetest1

Linux ≫ Linux Kernel Version2.4.0 Updatetest10

Linux ≫ Linux Kernel Version2.4.0 Updatetest11

Linux ≫ Linux Kernel Version2.4.0 Updatetest12

Linux ≫ Linux Kernel Version2.4.0 Updatetest2

Linux ≫ Linux Kernel Version2.4.0 Updatetest3

Linux ≫ Linux Kernel Version2.4.0 Updatetest4

Linux ≫ Linux Kernel Version2.4.0 Updatetest5

Linux ≫ Linux Kernel Version2.4.0 Updatetest6

Linux ≫ Linux Kernel Version2.4.0 Updatetest7

Linux ≫ Linux Kernel Version2.4.0 Updatetest8

Linux ≫ Linux Kernel Version2.4.0 Updatetest9

Linux ≫ Linux Kernel Version2.4.1

Linux ≫ Linux Kernel Version2.4.2

Linux ≫ Linux Kernel Version2.4.3

Linux ≫ Linux Kernel Version2.4.4

Linux ≫ Linux Kernel Version2.4.5

Linux ≫ Linux Kernel Version2.4.6

Linux ≫ Linux Kernel Version2.4.7

Linux ≫ Linux Kernel Version2.4.8

Linux ≫ Linux Kernel Version2.4.9

Linux ≫ Linux Kernel Version2.4.10

Linux ≫ Linux Kernel Version2.4.11

Linux ≫ Linux Kernel Version2.4.12

Linux ≫ Linux Kernel Version2.4.13

Linux ≫ Linux Kernel Version2.4.14

Linux ≫ Linux Kernel Version2.4.15

Linux ≫ Linux Kernel Version2.4.16

Linux ≫ Linux Kernel Version2.4.17

Linux ≫ Linux Kernel Version2.4.18

Linux ≫ Linux Kernel Version2.4.18 Editionx86

Linux ≫ Linux Kernel Version2.4.18 Updatepre1

Linux ≫ Linux Kernel Version2.4.18 Updatepre2

Linux ≫ Linux Kernel Version2.4.18 Updatepre3

Linux ≫ Linux Kernel Version2.4.18 Updatepre4

Linux ≫ Linux Kernel Version2.4.18 Updatepre5

Linux ≫ Linux Kernel Version2.4.18 Updatepre6

Linux ≫ Linux Kernel Version2.4.18 Updatepre7

Linux ≫ Linux Kernel Version2.4.18 Updatepre8

Linux ≫ Linux Kernel Version2.4.19

Linux ≫ Linux Kernel Version2.4.19 Updatepre1

Linux ≫ Linux Kernel Version2.4.19 Updatepre2

Linux ≫ Linux Kernel Version2.4.19 Updatepre3

Linux ≫ Linux Kernel Version2.4.19 Updatepre4

Linux ≫ Linux Kernel Version2.4.19 Updatepre5

Linux ≫ Linux Kernel Version2.4.19 Updatepre6

Linux ≫ Linux Kernel Version2.4.20

Linux ≫ Linux Kernel Version2.4.21

Linux ≫ Linux Kernel Version2.4.21 Updatepre1

Linux ≫ Linux Kernel Version2.4.21 Updatepre4

Linux ≫ Linux Kernel Version2.4.21 Updatepre7

Linux ≫ Linux Kernel Version2.4.22

Linux ≫ Linux Kernel Version2.4.23

Linux ≫ Linux Kernel Version2.4.23 Updatepre9

Linux ≫ Linux Kernel Version2.4.23_ow2

Linux ≫ Linux Kernel Version2.4.24

Linux ≫ Linux Kernel Version2.4.24_ow1

Linux ≫ Linux Kernel Version2.4.25

Linux ≫ Linux Kernel Version2.4.26

Linux ≫ Linux Kernel Version2.4.27

Linux ≫ Linux Kernel Version2.4.27 Updatepre1

Linux ≫ Linux Kernel Version2.4.27 Updatepre2

Linux ≫ Linux Kernel Version2.4.27 Updatepre3

Linux ≫ Linux Kernel Version2.4.27 Updatepre4

Linux ≫ Linux Kernel Version2.4.27 Updatepre5

Linux ≫ Linux Kernel Version2.4.28

Linux ≫ Linux Kernel Version2.4.29 Updaterc2

Linux ≫ Linux Kernel Version2.6.0

Linux ≫ Linux Kernel Version2.6.0 Updatetest1

Linux ≫ Linux Kernel Version2.6.0 Updatetest10

Linux ≫ Linux Kernel Version2.6.0 Updatetest11

Linux ≫ Linux Kernel Version2.6.0 Updatetest2

Linux ≫ Linux Kernel Version2.6.0 Updatetest3

Linux ≫ Linux Kernel Version2.6.0 Updatetest4

Linux ≫ Linux Kernel Version2.6.0 Updatetest5

Linux ≫ Linux Kernel Version2.6.0 Updatetest6

Linux ≫ Linux Kernel Version2.6.0 Updatetest7

Linux ≫ Linux Kernel Version2.6.0 Updatetest8

Linux ≫ Linux Kernel Version2.6.0 Updatetest9

Linux ≫ Linux Kernel Version2.6.1

Linux ≫ Linux Kernel Version2.6.1 Updaterc1

Linux ≫ Linux Kernel Version2.6.1 Updaterc2

Linux ≫ Linux Kernel Version2.6.2

Linux ≫ Linux Kernel Version2.6.3

Linux ≫ Linux Kernel Version2.6.4

Linux ≫ Linux Kernel Version2.6.5

Linux ≫ Linux Kernel Version2.6.6

Linux ≫ Linux Kernel Version2.6.6 Updaterc1

Linux ≫ Linux Kernel Version2.6.7

Linux ≫ Linux Kernel Version2.6.7 Updaterc1

Linux ≫ Linux Kernel Version2.6.8

Linux ≫ Linux Kernel Version2.6.8 Updaterc1

Linux ≫ Linux Kernel Version2.6.8 Updaterc2

Linux ≫ Linux Kernel Version2.6.8 Updaterc3

Linux ≫ Linux Kernel Version2.6.9 Update2.6.20

Linux ≫ Linux Kernel Version2.6.10

Linux ≫ Linux Kernel Version2.6.10 Updaterc2

Linux ≫ Linux Kernel Version2.6_test9_cvs

Mandrakesoft ≫ Mandrake Linux Version9.2

Mandrakesoft ≫ Mandrake Linux Version9.2 Editionamd64

Mandrakesoft ≫ Mandrake Linux Version10.0

Mandrakesoft ≫ Mandrake Linux Version10.0 Editionamd64

Mandrakesoft ≫ Mandrake Linux Version10.1

Mandrakesoft ≫ Mandrake Linux Version10.1 Editionx86_64

Mandrakesoft ≫ Mandrake Linux Corporate Server Version2.1

Mandrakesoft ≫ Mandrake Linux Corporate Server Version2.1 Editionx86_64

Mandrakesoft ≫ Mandrake Linux Corporate Server Version3.0

Redhat ≫ Enterprise Linux Version3.0 Editionadvanced_servers

Redhat ≫ Enterprise Linux Version3.0 Editionenterprise_server

Redhat ≫ Enterprise Linux Version3.0 Editionworkstation

Redhat ≫ Enterprise Linux Version4.0 Editionadvanced_server

Redhat ≫ Enterprise Linux Version4.0 Editionenterprise_server

Redhat ≫ Enterprise Linux Version4.0 Editionworkstation

Redhat ≫ Enterprise Linux Desktop Version3.0

Redhat ≫ Enterprise Linux Desktop Version4.0

Redhat ≫ Fedora Core Versioncore_1.0

Redhat ≫ Fedora Core Versioncore_2.0

Redhat ≫ Fedora Core Versioncore_3.0

Redhat ≫ Linux Version7.3 Editioni386

Redhat ≫ Linux Version9.0 Editioni386

Suse ≫ Suse Linux Version1.0 Editiondesktop

Suse ≫ Suse Linux Version8 Editionenterprise_server

Suse ≫ Suse Linux Version8.1

Suse ≫ Suse Linux Version8.2

Suse ≫ Suse Linux Version9.0

Suse ≫ Suse Linux Version9.0 Editionenterprise_server

Suse ≫ Suse Linux Version9.1

Suse ≫ Suse Linux Version9.2

Ubuntu ≫ Ubuntu Linux Version4.1 Editionia64

Ubuntu ≫ Ubuntu Linux Version4.1 Editionppc

Avaya ≫ Intuity Audix Editionlx

Mandrakesoft ≫ Mandrake Multi Network Firewall Version8.2

Avaya ≫ S8300 Versionr2.0.0

Avaya ≫ S8300 Versionr2.0.1

Avaya ≫ S8500 Versionr2.0.0

Avaya ≫ S8500 Versionr2.0.1

Avaya ≫ S8700 Versionr2.0.0

Avaya ≫ S8700 Versionr2.0.1

Conectiva ≫ Linux Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.215

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.2	1.9	10	AV:L/AC:H/Au:N/C:C/I:C/A:C

http://www.novell.com/linux/security/advisories/2005_01_sr.html

http://secunia.com/advisories/20162

http://secunia.com/advisories/20163

http://secunia.com/advisories/20202

http://secunia.com/advisories/20338

http://www.debian.org/security/2006/dsa-1067

http://www.debian.org/security/2006/dsa-1069

http://www.debian.org/security/2006/dsa-1070

http://www.debian.org/security/2006/dsa-1082

https://bugzilla.fedora.us/show_bug.cgi?id=2336

http://www.redhat.com/support/errata/RHSA-2005-016.html

http://www.redhat.com/support/errata/RHSA-2005-017.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:022

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930

http://www.redhat.com/support/errata/RHSA-2005-092.html

http://www.trustix.org/errata/2005/0001/

http://www.redhat.com/support/errata/RHSA-2005-043.html

Patch

Vendor Advisory

http://isec.pl/vulnerabilities/isec-0021-uselib.txt

http://marc.info/?l=bugtraq&m=110512575901427&w=2

http://www.securityfocus.com/advisories/7804

http://www.securityfocus.com/advisories/7805

http://www.securityfocus.com/advisories/7806

http://www.securityfocus.com/bid/12190

Patch

Vendor Advisory

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/18800

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567

https://nvd.nist.gov/vuln/detail/CVE-2004-1235

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1235

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1235

EUVD