Vulnerability in Linux Linux_kernel

CVE-2004-1072

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer…

EPSS: 0.006 (42.0th percentile) — read the EPSS interpretation.

Affected products

Linux Linux_kernel — versions 2.4.0, 2.4.1, 2.4.2
Trustix Secure_linux — versions 1.5, 2.0, 2.1
Turbolinux Turbolinux_server — versions 10.0
Redhat Enterprise_linux — versions 2.1, 3.0
Redhat Enterprise_linux_desktop — versions 3.0
Redhat Fedora_core — versions core_2.0, core_3.0
Redhat Linux_advanced_workstation — versions 2.1
Suse Suse_linux — versions 1.0, 8, 8.1
N/a — versions n/a

References

cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_FEDORA, vendor-advisory)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)