Path Truncation Vulnerability in Linux Kernel

Path Truncation Vulnerability in Linux Kernel

CVE-2002-0499 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.