First published: Fri Jul 04 2003(Updated: )
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | =2.6.20.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.