CVE-2004-0109

Published: Jun 1, 2004Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.

Affected (3)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Version 2.4.0
Linux Linux Kernel	Version 2.5.0
Linux Linux Kernel	Version 2.6.0

References (84)

ftp://patches.sgi.com/support/free/security/advisories/20040405-01-U.asc (unsafe URL)

Source: cve@mitre.org

PatchVendor Advisory

ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc (unsafe URL)

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108213675028441&w=2

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2004-166.html

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/11361

Source: cve@mitre.org

http://secunia.com/advisories/11362

Source: cve@mitre.org

http://secunia.com/advisories/11373

Source: cve@mitre.org

http://secunia.com/advisories/11429

Source: cve@mitre.org

http://secunia.com/advisories/11464

Source: cve@mitre.org

http://secunia.com/advisories/11469

Source: cve@mitre.org

http://secunia.com/advisories/11470

Source: cve@mitre.org

http://secunia.com/advisories/11486

Source: cve@mitre.org

http://secunia.com/advisories/11494

Source: cve@mitre.org

http://secunia.com/advisories/11518

Source: cve@mitre.org

http://secunia.com/advisories/11626

Source: cve@mitre.org

http://secunia.com/advisories/11861

Source: cve@mitre.org

http://secunia.com/advisories/11891

Source: cve@mitre.org

http://secunia.com/advisories/11986

Source: cve@mitre.org

http://secunia.com/advisories/12003

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200407-02.xml

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/o-121.shtml

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/o-127.shtml

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-479

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-480

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-481

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-482

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-489

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-491

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-495

Source: cve@mitre.org

http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities

Source: cve@mitre.org

Vendor Advisory

http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2004:029

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2004_09_kernel.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-105.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-106.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-183.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/10141

Source: cve@mitre.org

http://www.turbolinux.com/security/2004/TLSA-2004-14.txt

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/15866

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10733

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A940

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20040405-01-U.asc (unsafe URL)