// For flags

CVE-2003-0961

Linux Kernel 2.4.22 - 'do_brk()' Local Privilege Escalation

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.

Un "error en comprobaciones de límites" en la función do_brk del kernel de Linux 2.4.22 y anteriores permite a usuarios locales ganar privilegios de root.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2003-11-26 CVE Reserved
  • 2003-12-02 CVE Published
  • 2003-12-02 First Exploit
  • 2024-08-08 CVE Updated
  • 2025-04-28 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (29)
URL Tag Source
http://isec.pl/papers/linux_kernel_do_brk.pdf X_refsource_misc
http://marc.info/?l=bugtraq&m=107064798706473&w=2 Mailing List
http://marc.info/?l=bugtraq&m=107064830206816&w=2 Mailing List
http://marc.info/?l=bugtraq&m=107394143105081&w=2 Mailing List
http://secunia.com/advisories/10328 Third Party Advisory
http://secunia.com/advisories/10329 Third Party Advisory
http://secunia.com/advisories/10330 Third Party Advisory
http://secunia.com/advisories/10333 Third Party Advisory
http://secunia.com/advisories/10338 Third Party Advisory
http://www.kb.cert.org/vuls/id/301156 Third Party Advisory
URL Date SRC
https://www.exploit-db.com/exploits/131 2003-12-05
https://www.exploit-db.com/exploits/129 2003-12-02
URL Date SRC
http://www.debian.org/security/2003/dsa-403 2016-10-18
http://www.redhat.com/support/errata/RHSA-2003-389.html 2016-10-18
URL Date SRC
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000796 2016-10-18
http://www.debian.org/security/2004/dsa-417 2016-10-18
http://www.debian.org/security/2004/dsa-423 2016-10-18
http://www.debian.org/security/2004/dsa-433 2016-10-18
http://www.debian.org/security/2004/dsa-439 2016-10-18
http://www.debian.org/security/2004/dsa-440 2016-10-18
http://www.debian.org/security/2004/dsa-442 2016-10-18
http://www.debian.org/security/2004/dsa-450 2016-10-18
http://www.debian.org/security/2004/dsa-470 2016-10-18
http://www.debian.org/security/2004/dsa-475 2016-10-18
http://www.mandriva.com/security/advisories?name=MDKSA-2003:110 2016-10-18
http://www.novell.com/linux/security/advisories/2003_049_kernel.html 2016-10-18
http://www.redhat.com/support/errata/RHSA-2003-368.html 2016-10-18
https://access.redhat.com/security/cve/CVE-2003-0961 2003-12-01
https://bugzilla.redhat.com/show_bug.cgi?id=1617104 2003-12-01
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 <= 2.4.22
Search vendor "Linux" for product "Linux Kernel" and version " <= 2.4.22"
-
Affected