File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ [basic ]
2+ description = " Linux Kernel 2.0.37 版本中对于自定义段限制(Segment Limit)的编码处理存在缺陷,导致本地攻击者能够通过访问并修改内核内存来提升权限至 root。该漏洞源于内核未正确验证段限长值,使得低权限用户可利用特定系统调用绕过内存访问限制。攻击者需拥有本地系统账户并具备代码执行能力,成功利用后可完全控制目标系统。该漏洞影响 Linux Kernel 2.0.37 及更早版本,CVSS 评分 7.2,危害等级高。"
3+ published = " 1999-07-11T04:00:00.000"
4+ remediation = " 建议立即升级 Linux 内核至 2.0.38 或更高版本(如 2.2.x 系列),该漏洞在内核 2.0.38 中已修复。若无法升级,可通过限制本地用户对 /dev/mem 和 /dev/kmem 的访问权限作为临时缓解措施。"
5+ score = 7.2
6+ severity = " HIGH"
7+ sources = [" cve" ]
8+ title = " Linux Kernel 2.0.37 Segment Limit 本地权限提升漏洞"
9+ updated = " 2026-06-16T21:49:51.663"
10+
11+ [exploit ]
12+ exp_urls = []
13+ poc_urls = []
14+
15+ [id ]
16+ aliases = [" CVE-1999-1166" ]
17+ ave_id = " AVE-1999-0995"
18+
19+ [meta ]
20+ collected_at = " 2026-07-14T00:00:00Z"
21+ status = " completed"
22+
23+ [references ]
24+ urls = [
25+ " http://www.securityfocus.com/archive/1/18156" ,
26+ " http://www.securityfocus.com/bid/523" ,
27+ " https://www.exploit-db.com/exploits/19419" ,
28+ ]
You can’t perform that action at this time.
0 commit comments