PT-2004-3735 · Linux+2 · Linux Kernel+2
Paul Starzetz · Published 1970-01-01 · Updated 2017-10-11 · CVE-2004-1073
CVSS v2.0: 10 (High)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 2.4.x up to 2.4.27
Linux kernel versions 2.6.x up to 2.6.8
kernel-image-2.4.19-sun4u-smp (affected versions not specified)
kernel-image-2.4.18-powerpc-xfs (affected versions not specified)
kernel-image-2.4.18-sun4u (affected versions not specified)
kernel-patch-benh (affected versions not specified)
kernel-image-2.4.18-sun4u-smp (affected versions not specified)
kernel-headers-2.4.19-sparc (affected versions not specified)
kernel-headers-2.4.18-sparc (affected versions not specified)
kernel-image-2.4.19-sun4u (affected versions not specified)
Description
The issue affects the Linux kernel and various Debian GNU/Linux packages, and its exploitation could compromise the confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. The open_exec function in the execve functionality is also affected, enabling local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
Recommendations
For Linux kernel versions 2.4.x up to 2.4.27 and 2.6.x up to 2.6.8, update to a version later than 2.4.27 or 2.6.8 to resolve the issue.
For kernel-image-2.4.19-sun4u-smp, kernel-image-2.4.18-powerpc-xfs, kernel-image-2.4.18-sun4u, kernel-patch-benh, kernel-image-2.4.18-sun4u-smp, kernel-headers-2.4.19-sparc, kernel-headers-2.4.18-sparc, and kernel-image-2.4.19-sun4u, no information is currently available about a newer version that contains a fix for this vulnerability.
Affected Products
Debian
Linux Kernel
Red Hat