{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Linux 2.4.25 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Linux 2.6.5 et versions ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire est pr\u00e9sente dans deux\nfonctions du noyau Linux relatives \u00e0 la gestion des liens symboliques du\nsyst\u00e8me de fichiers ISO9660.\n\nUn utilisateur mal intentionn\u00e9 peut exploiter cette vuln\u00e9rabilit\u00e9 afin\nde r\u00e9aliser une \u00e9l\u00e9vation de privil\u00e8ges.\n\n## Contournement provisoire\n\nPour les noyaux Linux modulaires, d\u00e9sactiver le chargement du module\nisofs.\n\n## Solution\n\nLes versions 2.4.26 et 2.6.6-rc1 du noyau Linux corrigent cette\nvuln\u00e9rabilit\u00e9 :\n\n    http://www.kernel.org\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 SuSE-SA:2004:09 de SuSE :","url":"http://www.suse.com/de/security/2004_09_kernel.html"},{"title":"Bulletin de s\u00e9curit\u00e9 MDKSA-2004:029 de Mandrake :","url":"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:029"},{"title":"Bulletins de s\u00e9curit\u00e9 de Debian :      \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495","url":"http://www.debian.org/security/2004/dsa-479"},{"title":"Bulletin de s\u00e9curit\u00e9 RHSA-2004:183 pour Red Hat Enterprise    Linux :","url":"https://rhn.redhat.com/errata/RHSA-2004-183.html"},{"title":"Bulletins de s\u00e9curit\u00e9 de Debian :      \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495","url":"http://www.debian.org/security/2004/dsa-480"},{"title":"Bulletins de s\u00e9curit\u00e9 de Debian :      \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495","url":"http://www.debian.org/security/2004/dsa-481"},{"title":"Bulletin de s\u00e9curit\u00e9 04.14.04 d'iDEFENSE :","url":"http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities"},{"title":"Bulletins de s\u00e9curit\u00e9 de Debian :      \n \n \n \n http://www.debian.org/security/2004/dsa-489\n http://www.debian.org/security/2004/dsa-491\n http://www.debian.org/security/2004/dsa-495","url":"http://www.debian.org/security/2004/dsa-482"},{"title":"Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200407-02 du 03 juillet    2004 :","url":"http://www.gentoo.org/security/en/glsa/glsa-200407-02.xml"},{"title":"Bulletin de s\u00e9curit\u00e9 RHSA-2004:166 pour Red Hat Linux :","url":"https://rhn.redhat.com/errata/RHSA-2004-166.html"}],"reference":"CERTA-2004-AVI-131","revisions":[{"description":"version initiale.","revision_date":"2004-04-15T00:00:00.000000"},{"description":"ajout r\u00e9f\u00e9rences aux bulletins DSA-489, DSA-491, DSA-495 de Debian et RHSA-166, RHSA-183 de Red Hat.","revision_date":"2004-04-27T00:00:00.000000"},{"description":"ajout r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200407-02.","revision_date":"2004-07-07T00:00:00.000000"}],"risks":[{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans le noyau Linux peut \u00eatre exploit\u00e9e par\nun utilisateur mal intentionn\u00e9 afin de r\u00e9aliser une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 du noyau linux","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 0.14.04 d'iDEFENSE","url":null}]}