Main Vulnerability Database Vulnerabilities #VU100019

#VU100019 Improper privilege management in Linux kernel - CVE-1999-1166

Published: July 11, 1999 / Updated: November 7, 2024

Vulnerability identifier: #VU100019

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-1999-1166

CWE-ID: CWE-269

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code.

Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.

Remediation

Install update from vendor's repository.

External links

http://www.securityfocus.com/archive/1/18156
http://www.securityfocus.com/bid/523

#VU100019 Improper privilege management in Linux kernel - CVE-1999-1166

Description

Remediation

External links

Please verify you're human