Vulnerability Description
Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.22 |
References
- http://linux.bkbits.net:8080/linux-2.4/cset%403ef33d95ym_22QH2xwhDMt264M55Fg
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42942
- http://linux.bkbits.net:8080/linux-2.4/cset%403ef33d95ym_22QH2xwhDMt264M55Fg
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42942
FAQ
What is CVE-2003-0956?
CVE-2003-0956 is a vulnerability with a CVSS score of 2.6 (LOW). Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to ...
How severe is CVE-2003-0956?
CVE-2003-0956 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0956?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.