VDB
GSD-2003-0127
GSD-2003-0127
PUBLISHED
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Exploit Intelligence
- Secured root-level access by identifying and exploiting misconfigurations and outdated software. Buffer overflow vulnerability in an outdated version of mod_ssl (CVE-2002-0082). Privilege escalation was subsequently achieved by exploiting a race condition in the Linux kernel's "ptrace" utility (CVE-2003-0127), (github-poc)
- DSA-270 (circl)
- RHSA-2003:098 (circl)
- CSSA-2003-020.0 (circl)
- ESA-20030515-017 (circl)
- MDKSA-2003:039 (circl)
- 20030317 Fwd: Ptrace hole / Linux 2.2.25 (circl)
- oval:org.mitre.oval:def:254 (circl)
- RHSA-2003:145 (circl)
- RHSA-2003:103 (circl)
…and 11 more exploits
Timeline
- Mar 17, 2003 CVE Published
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Security Advisory
- Apr 16, 2026 Security Advisory
- Apr 16, 2026 Security Advisory
References
- RHSA-2003:103 vendor-advisory
- RHSA-2003:088 vendor-advisory
- RHSA-2003:098 vendor-advisory
- CSSA-2003-020.0 vendor-advisory
- ESA-20030515-017 vendor-advisory
- MDKSA-2003:039 vendor-advisory
- 20030317 Fwd: Ptrace hole / Linux 2.2.25 mailing-list
- oval:org.mitre.oval:def:254 vdb
- RHSA-2003:145 vendor-advisory
- MDKSA-2003:038 vendor-advisory
- DSA-270 advisory
- DSA-423 advisory
- DSA-336 advisory
- DSA-276 advisory
- DSA-495 advisory
- GLSA-200303-17 advisory
- DSA-311 advisory
- DSA-332 advisory
- DSA-312 advisory
- VU#628849 advisory