CVE-2003-1040

{"id": "CVE-2003-1040", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-04-15T04:00:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20040204-01-U.asc", "source": "cve@mitre.org"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820", "source": "cve@mitre.org"}, {"url": "http://linux.bkbits.net:8080/linux-2.4/diffs/kernel/kmod.c%401.6?nav=index.html%7Csrc/%7Csrc/kernel%7Chist/kernel/kmod.c", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2003_049_kernel.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-065.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-069.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-106.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-188.html", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15577", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9423", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod."}, {"lang": "es", "value": "kmod en el kernel de Linux no establece su uid, gid o sgid a 0, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda) enviando ciertas se\u00f1ales a kmod."}], "lastModified": "2023-11-07T01:56:27.817", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}