CVE-2003-0476

Published: Aug 7, 2003Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

Affected (1)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Version 2.4.0

References (16)

http://marc.info/?l=bugtraq&m=105664924024009&w=2

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-358

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-423

Source: cve@mitre.org

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2003:074

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-238.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-368.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2003-408.html

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A327

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=105664924024009&w=2