CVE-2004-1058 — Race Condition in Kernel

9 documents7 sources

Severity

1.2LOWNVD

EPSS

0.1%

top 80.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Ubuntu Linux

Timeline

PublishedJan 10

Latest updateMay 3

Description

Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.

CVSS vector

AV:L/AC:H/C:P/I:N/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

▶NVDlinux/linux_kernel12 versions+11

Also affects: Ubuntu Linux 4.1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-m29m-89vm-949f: Race condition in Linux kernel 2↗2022-05-03

▶

CVEList

CVE-2004-1058: Race condition in Linux kernel 2↗2004-12-22

▶

💥Exploits & PoCs

Exploit-DB

XFree86 4.3 - Font Information File Buffer Overflow↗2004-11-10

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2004-12-15

▶

Red Hat

security flaw↗2004-08-23

▶

💬Community

Bugzilla

CVE-2004-1058 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-1058 /proc/<PID>/cmdline information disclosure↗2004-09-21

▶

Bugzilla

CVE-2004-1058 /proc/<PID>/cmdline information disclosure↗2004-09-21

▶