Main Vulnerability Database Vulnerabilities #VU95665

#VU95665 Resource management errors in Linux kernel - CVE-2002-0499

Published: August 12, 2002 / Updated: August 9, 2024

Vulnerability identifier: #VU95665

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2002-0499

CWE-ID: CWE-399

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to corrupt data.

The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.

Remediation

Install update from vendor's repository.

External links

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0074.html
http://www.cs.helsinki.fi/linux/linux-kernel/2002-13/0054.html
http://www.iss.net/security_center/static/8634.php
http://www.securityfocus.com/archive/1/264117
http://www.securityfocus.com/bid/4367

#VU95665 Resource management errors in Linux kernel - CVE-2002-0499

Description

Remediation

External links

Please verify you're human