7.5
CVE-2004-2536
- EPSS 2.34%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version2.6.0
Linux ≫ Linux Kernel Version2.6.1
Linux ≫ Linux Kernel Version2.6.1 Updaterc1
Linux ≫ Linux Kernel Version2.6.1 Updaterc2
Linux ≫ Linux Kernel Version2.6.2
Linux ≫ Linux Kernel Version2.6.3
Linux ≫ Linux Kernel Version2.6.4
Linux ≫ Linux Kernel Version2.6.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.34% | 0.814 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/11577
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.6
http://www.osvdb.org/5997
http://www.securityfocus.com/bid/10302
http://www.ussg.iu.edu/hypermail/linux/kernel/0405.0/1242.html
http://www.ussg.iu.edu/hypermail/linux/kernel/0405.0/1265.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16106