CVE-2004-1069 — Race Condition in Kernel

4 documents4 sources

Severity

1.2LOWNVD

EPSS

0.1%

top 77.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Ubuntu Linux

Timeline

PublishedJan 10

Latest updateApr 29

Description

Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.

CVSS vector

AV:L/AC:H/C:N/I:N/A:PExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

▶NVDlinux/linux_kernel12 versions+11

Also affects: Ubuntu Linux 4.1

🔴Vulnerability Details

GHSA

GHSA-mx9x-jhv9-37pc: Race condition in SELinux 2↗2022-04-29

▶

CVEList

CVE-2004-1069: Race condition in SELinux 2↗2004-12-01

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2004-12-15

▶