Skip to main content

CVE-2004-1072

Severity High
Score 7.2/10

Summary

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

  • LOW
  • LOCAL
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

References

Advisory Timeline

  • Published