ID:10824 - Exploit for Missing release of memory after effective lifetime in Linux kernel - CVE-2004-0415

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10824 - Exploit for Missing release of memory after effective lifetime in Linux kernel - CVE-2004-0415

ID:10824 - Exploit for Missing release of memory after effective lifetime in Linux kernel - CVE-2004-0415

Published: November 6, 2024


Vulnerability identifier: #VU99943
Vulnerability risk: Low
CVE-ID: CVE-2004-0415
CWE-ID: CWE-401
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to gain access to sensitive information.

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.


Remediation

Install update from vendor's repository.