CVE-2002-0570

Linux kernel <2.4.10 - Info Disclosure

Title source: llm

Description

The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key.

References (3)

[Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-01/0010.html

[Vendor Advisory] http://www.securityfocus.com/bid/3775

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/7769

Scores

EPSS 0.0012

EPSS Percentile 30.6%

Classification

Status draft

Affected Products (39)

linux/linux_kernel

... and 24 more

Timeline

Published Jul 03, 2002

Tracked Since Feb 18, 2026