Description
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18673
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110384535113035&w=2
Vendor Advisory vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12093
Scores
EPSS
0.0005
EPSS Percentile
14.6%
Details
Status
published
Products (3)
conectiva/linux
10.0
gnu/realtime_linux_security_module
0.8.7
ubuntu/ubuntu_linux
4.1 (2 CPE variants)
Published
Dec 23, 2004
Tracked Since
Feb 18, 2026