CVE-2004-1235
NONE EPSS 85.2%
Published Apr 14, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.4.29-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Threat Intelligence
EPSS Exploit Probability
85.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Affected Products 147
| Vendor | Product | Version | Range |
|---|---|---|---|
| avaya | mn100 | * | any |
| avaya | network_routing | * | any |
| avaya | converged_communications_server | 2.0 | any |
| avaya | s8710 | r2.0.0 | any |
| avaya | s8710 | r2.0.1 | any |
| avaya | modular_messaging_message_storage_server | 1.1 | any |
| avaya | modular_messaging_message_storage_server | 2.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.0 | any |
| linux | linux_kernel | 2.4.1 | any |
| linux | linux_kernel | 2.4.2 | any |
| linux | linux_kernel | 2.4.3 | any |
| linux | linux_kernel | 2.4.4 | any |
| linux | linux_kernel | 2.4.5 | any |
| linux | linux_kernel | 2.4.6 | any |
| linux | linux_kernel | 2.4.7 | any |
| linux | linux_kernel | 2.4.8 | any |
| linux | linux_kernel | 2.4.9 | any |
| linux | linux_kernel | 2.4.10 | any |
| linux | linux_kernel | 2.4.11 | any |
| linux | linux_kernel | 2.4.12 | any |
| linux | linux_kernel | 2.4.13 | any |
| linux | linux_kernel | 2.4.14 | any |
| linux | linux_kernel | 2.4.15 | any |
| linux | linux_kernel | 2.4.16 | any |
| linux | linux_kernel | 2.4.17 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.18 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.19 | any |
| linux | linux_kernel | 2.4.20 | any |
| linux | linux_kernel | 2.4.21 | any |
| linux | linux_kernel | 2.4.21 | any |
| linux | linux_kernel | 2.4.21 | any |
| linux | linux_kernel | 2.4.21 | any |
| linux | linux_kernel | 2.4.22 | any |
| linux | linux_kernel | 2.4.23 | any |
| linux | linux_kernel | 2.4.23 | any |
| linux | linux_kernel | 2.4.23_ow2 | any |
| linux | linux_kernel | 2.4.24 | any |
| linux | linux_kernel | 2.4.24_ow1 | any |
| linux | linux_kernel | 2.4.25 | any |
| linux | linux_kernel | 2.4.26 | any |
| linux | linux_kernel | 2.4.27 | any |
| linux | linux_kernel | 2.4.27 | any |
| linux | linux_kernel | 2.4.27 | any |
| linux | linux_kernel | 2.4.27 | any |
| linux | linux_kernel | 2.4.27 | any |
| linux | linux_kernel | 2.4.27 | any |
| linux | linux_kernel | 2.4.28 | any |
| linux | linux_kernel | 2.4.29 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.0 | any |
| linux | linux_kernel | 2.6.1 | any |
| linux | linux_kernel | 2.6.1 | any |
| linux | linux_kernel | 2.6.1 | any |
| linux | linux_kernel | 2.6.2 | any |
| linux | linux_kernel | 2.6.3 | any |
| linux | linux_kernel | 2.6.4 | any |
| linux | linux_kernel | 2.6.5 | any |
| linux | linux_kernel | 2.6.6 | any |
| linux | linux_kernel | 2.6.6 | any |
| linux | linux_kernel | 2.6.7 | any |
| linux | linux_kernel | 2.6.7 | any |
| linux | linux_kernel | 2.6.8 | any |
| linux | linux_kernel | 2.6.8 | any |
| linux | linux_kernel | 2.6.8 | any |
| linux | linux_kernel | 2.6.8 | any |
| linux | linux_kernel | 2.6.9 | any |
| linux | linux_kernel | 2.6.10 | any |
| linux | linux_kernel | 2.6.10 | any |
| linux | linux_kernel | 2.6_test9_cvs | any |
| mandrakesoft | mandrake_linux | 9.2 | any |
| mandrakesoft | mandrake_linux | 9.2 | any |
| mandrakesoft | mandrake_linux | 10.0 | any |
| mandrakesoft | mandrake_linux | 10.0 | any |
| mandrakesoft | mandrake_linux | 10.1 | any |
| mandrakesoft | mandrake_linux | 10.1 | any |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | any |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | any |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 3.0 | any |
| redhat | enterprise_linux | 4.0 | any |
| redhat | enterprise_linux | 4.0 | any |
| redhat | enterprise_linux | 4.0 | any |
| redhat | enterprise_linux_desktop | 3.0 | any |
| redhat | enterprise_linux_desktop | 4.0 | any |
| redhat | fedora_core | core_1.0 | any |
| redhat | fedora_core | core_2.0 | any |
| redhat | fedora_core | core_3.0 | any |
| redhat | linux | 7.3 | any |
| redhat | linux | 9.0 | any |
| suse | suse_linux | 1.0 | any |
| suse | suse_linux | 8 | any |
| suse | suse_linux | 8.1 | any |
| suse | suse_linux | 8.2 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.1 | any |
| suse | suse_linux | 9.2 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
| ubuntu | ubuntu_linux | 4.1 | any |
| avaya | intuity_audix | * | any |
| mandrakesoft | mandrake_multi_network_firewall | 8.2 | any |
| avaya | s8300 | r2.0.0 | any |
| avaya | s8300 | r2.0.1 | any |
| avaya | s8500 | r2.0.0 | any |
| avaya | s8500 | r2.0.1 | any |
| avaya | s8700 | r2.0.0 | any |
| avaya | s8700 | r2.0.1 | any |
| conectiva | linux | 10.0 | any |
References 25
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
- isec.pl http://isec.pl/vulnerabilities/isec-0021-uselib.txt
- marc.info http://marc.info/?l=bugtraq&m=110512575901427&w=2
- secunia.com http://secunia.com/advisories/20162
- secunia.com http://secunia.com/advisories/20163
- secunia.com http://secunia.com/advisories/20202
- secunia.com http://secunia.com/advisories/20338
- debian.org http://www.debian.org/security/2006/dsa-1067
- debian.org http://www.debian.org/security/2006/dsa-1069
- debian.org http://www.debian.org/security/2006/dsa-1070
- debian.org http://www.debian.org/security/2006/dsa-1082
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
- novell.com http://www.novell.com/linux/security/advisories/2005_01_sr.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-016.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-017.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-043.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-092.html
- securityfocus.com http://www.securityfocus.com/advisories/7804
- securityfocus.com http://www.securityfocus.com/advisories/7805
- securityfocus.com http://www.securityfocus.com/advisories/7806
- securityfocus.com http://www.securityfocus.com/bid/12190
- trustix.org http://www.trustix.org/errata/2005/0001/
- bugzilla.fedora.us https://bugzilla.fedora.us/show_bug.cgi?id=2336
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/18800
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567
Remediation
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-043.html
- securityfocus.com http://www.securityfocus.com/bid/12190