CVE-1999-1166

Linux 2.0.37 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1166. PoCs published by Solar.

AI-analyzed exploit summary This exploit targets a Linux kernel memory management vulnerability (CVE-1999-1166) to escalate privileges to root by manipulating memory descriptors and task_struct. It searches for kernel memory structures and modifies the UID to gain root access.

Description

Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Solar · clocallinux

https://www.exploit-db.com/exploits/19419

View Code ZIP pw:eip

This exploit targets a Linux kernel memory management vulnerability (CVE-1999-1166) to escalate privileges to root by manipulating memory descriptors and task_struct. It searches for kernel memory structures and modifies the UID to gain root access.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: Linux kernel (specific version not specified, likely early 2.x)

No auth needed

Prerequisites: Non-standard memory configuration · Linux kernel with vulnerable memory management · Local access to the system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/523

Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/18156

Scores

EPSS 0.0103

EPSS Percentile 59.3%

Details

Status published

Products (1)

linux/linux_kernel 2.0.37

Published Jul 11, 1999

Tracked Since Feb 18, 2026