PT-2003-2113 · Linux · Linux Kernel
Published
2003-12-31
·
Updated
2008-09-05
·
CVE-2003-1161
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel version 2.6-test9-CVS
Description
The issue concerns a backdoor in the Linux kernel. This backdoor could allow local users to elevate their privileges. The exploitation involves passing
WCLONE| WALL to the sys wait4 function.Recommendations
For Linux kernel version 2.6-test9-CVS, as a temporary workaround, consider restricting access to the
sys wait4 function until a patch is available. Avoid using the parameters that could trigger the backdoor, specifically WCLONE| WALL, in the affected function.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel