Moderate

CVE-2004-0138 - Unspecified vulnerability in Linux Kernel

Publication: 2004-12-31
Summary

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.

Risk level (CVSS 4.9)

Moderate

4.9

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Linux Linux Kernel 2.4.0
  • Linux Linux Kernel 2.4.1
  • Linux Linux Kernel 2.4.2
  • Linux Linux Kernel 2.4.3
  • Linux Linux Kernel 2.4.4
  • Linux Linux Kernel 2.4.5
  • Linux Linux Kernel 2.4.6
  • Linux Linux Kernel 2.4.7
  • Linux Linux Kernel 2.4.8
  • Linux Linux Kernel 2.4.9
  • Linux Linux Kernel 2.4.10
  • Linux Linux Kernel 2.4.11
  • Linux Linux Kernel 2.4.12
  • Linux Linux Kernel 2.4.13
  • Linux Linux Kernel 2.4.14
  • Linux Linux Kernel 2.4.15
  • Linux Linux Kernel 2.4.16
  • Linux Linux Kernel 2.4.17
  • Linux Linux Kernel 2.4.18
  • Linux Linux Kernel 2.4.19
  • Linux Linux Kernel 2.4.20
  • Linux Linux Kernel 2.4.21
  • Linux Linux Kernel 2.4.22
  • Linux Linux Kernel 2.4.23
  • Linux Linux Kernel 2.4.24