CVE-2004-1068 — Vulnetix

Try Vulnetix Request Demo

CVE-2004-1068 PUBLISHED CVSS 6.199999809265137 MEDIUM

A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.

EPSS 0.06% · 18.9th percentile

Risk Scores

CVSS v2.0

6.199999809265137

EPSS Score

0.06%

18.9th percentile

Affected Products

Vendor	Product	Versions
ubuntu	ubuntu_linux	4.1, 4.1
linux	linux_kernel	2.4.0, 2.4.0, 2.4.0
redhat	enterprise_linux	2.1, 2.1, 2.1
redhat	enterprise_linux_desktop	3.0
redhat	linux_advanced_workstation	2.1, 2.1
n/a	n/a	n/a

Timeline

Dec 1, 2004 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

20163 third-party-advisory
DSA-1082 vendor-advisory
MDKSA-2005:022 vendor-advisory
20041214 [USN-38-1] Linux kernel vulnerabilities mailing-list
FLSA:2336 vendor-advisory
11715 vdb
SUSE-SA:2004:044 vendor-advisory
19607 third-party-advisory
DSA-1070 vendor-advisory
RHSA-2004:537 vendor-advisory
20162 third-party-advisory
20041119 Addendum, recent Linux <= 2.4.27 vulnerabilities mailing-list
DSA-1067 vendor-advisory
DSA-1069 vendor-advisory
20060402-01-U vendor-advisory
RHSA-2004:505 vendor-advisory
20202 third-party-advisory
oval:org.mitre.oval:def:11384 vdb
RHSA-2004:504 vendor-advisory
linux-afunix-race-condition(18230) vdb

…and 2 more

Open in Interactive Console →