CVE-2004-1071
Linux Kernel 2.4.x-2.4.27 and 2.6.x-2.6.8 - Local Arbitrary Code Execution via binfmt_elf Loader mmap Failure
Title source: llmDescription
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
References (19)
Core 19
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20163
Various Sources x_refsource_misc
http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
Issue Tracking vendor-advisory
x_refsource_fedora
https://bugzilla.fedora.us/show_bug.cgi?id=2336
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-537.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18025
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11646
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-505.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2004-504.html
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1082
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19607
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1070
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20162
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1067
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1069
Vendor Advisory vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20202
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20338
Scores
EPSS
0.0005
EPSS Percentile
16.4%
Details
Status
published
Products (22)
linux/linux_kernel
2.4.0 (13 CPE variants)
linux/linux_kernel
2.4.1
linux/linux_kernel
2.4.2
linux/linux_kernel
2.4.3
linux/linux_kernel
2.4.4
linux/linux_kernel
2.4.5
linux/linux_kernel
2.4.6
linux/linux_kernel
2.4.7
linux/linux_kernel
2.4.8
linux/linux_kernel
2.4.9
... and 12 more
Published
Jan 10, 2005
Tracked Since
Feb 18, 2026