CVE Catalog

CVE-1999-1406

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

29th percentile — higher than 29% of all known CVEs

Summary

The dumpreg program in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, allowing local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.

Risk Assessment

Local users can exploit this vulnerability to trigger a system crash, leading to service downtime.

Recommendation

It is recommended to update the system to a newer version to eliminate this vulnerability and restrict access to the dumpreg program.

Original NVD description (English source)

dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS