Skip to content

Commit 8487f45

Browse files
committed
add: AVE-1999-0995
1 parent ab1f88a commit 8487f45

1 file changed

Lines changed: 28 additions & 0 deletions

File tree

vulns/1999/AVE-1999-0995.toml

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
[basic]
2+
description = "Linux Kernel 2.0.37 版本中对于自定义段限制(Segment Limit)的编码处理存在缺陷,导致本地攻击者能够通过访问并修改内核内存来提升权限至 root。该漏洞源于内核未正确验证段限长值,使得低权限用户可利用特定系统调用绕过内存访问限制。攻击者需拥有本地系统账户并具备代码执行能力,成功利用后可完全控制目标系统。该漏洞影响 Linux Kernel 2.0.37 及更早版本,CVSS 评分 7.2,危害等级高。"
3+
published = "1999-07-11T04:00:00.000"
4+
remediation = "建议立即升级 Linux 内核至 2.0.38 或更高版本(如 2.2.x 系列),该漏洞在内核 2.0.38 中已修复。若无法升级,可通过限制本地用户对 /dev/mem 和 /dev/kmem 的访问权限作为临时缓解措施。"
5+
score = 7.2
6+
severity = "HIGH"
7+
sources = ["cve"]
8+
title = "Linux Kernel 2.0.37 Segment Limit 本地权限提升漏洞"
9+
updated = "2026-06-16T21:49:51.663"
10+
11+
[exploit]
12+
exp_urls = []
13+
poc_urls = []
14+
15+
[id]
16+
aliases = ["CVE-1999-1166"]
17+
ave_id = "AVE-1999-0995"
18+
19+
[meta]
20+
collected_at = "2026-07-14T00:00:00Z"
21+
status = "completed"
22+
23+
[references]
24+
urls = [
25+
"http://www.securityfocus.com/archive/1/18156",
26+
"http://www.securityfocus.com/bid/523",
27+
"https://www.exploit-db.com/exploits/19419",
28+
]

0 commit comments

Comments
 (0)