CVE Vulnerabilities

CVE-2003-0465

Published: Aug 18, 2003 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.4.0 2.4.0
Linux_kernel Linux 2.5.0 2.5.0
Red Hat Enterprise Linux 3 RedHat kernel-0:2.4.21-15.EL *
Kernel-source-2.4.27 Ubuntu dapper *
Kernel-source-2.4.27 Ubuntu edgy *

References