CVE-2001-1384

Linux <2.2.20, <2.4.10 - Privilege Escalation

Title source: llm

Description

ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Rafal Wojtczuk · textlocallinux

https://www.exploit-db.com/exploits/21124

View Code ZIP pw:eip

References (13)

[Various Sources] ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-036.0.txt

[Various Sources] http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-035-01

[Patch, Vendor Advisory] http://www.iss.net/security_center/static/7311.php

[Various Sources] http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-079.php3

[Patch, Vendor Advisory] http://www.linuxsecurity.com/advisories/other_advisory-1650.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-129.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-130.html

[Various Sources] http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2001_036_kernel_txt.html

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/advisories/3713

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3447

[Mailing List] http://marc.info/?l=bugtraq&m=100343090106914&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=100350685431610&w=2

Scores

EPSS 0.0024

EPSS Percentile 46.6%

Classification

Status draft

Affected Products (26)

linux/linux_kernel

... and 11 more

Timeline

Published Oct 18, 2001

Tracked Since Feb 18, 2026