Vulnerability: Insecure Return Value Checking in load_elf_binary Function

Vulnerability: Insecure Return Value Checking in load_elf_binary Function

CVE-2004-1070 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.