Lucene search

K

[email protected]CVE-2004-0077

HistoryMar 03, 2004 - 5:00 a.m.

CVE-2004-0077

2004-03-0305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

50

cve-2004-0077

linux

mremap

do_munmap

root privileges

vulnerability

nvd

6.3 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

CPENameOperatorVersion
redhat:kernel_docredhat kernel doceq2.4.20-8
redhat:kernelredhat kerneleq2.4.20-8
redhat:bigmem_kernelredhat bigmem kerneleq2.4.20-8
redhat:kernel_sourceredhat kernel sourceeq2.4.20-8
linux:linux_kernellinux linux kerneleq2.2.0
linux:linux_kernellinux linux kerneleq2.2.1
linux:linux_kernellinux linux kerneleq2.2.2
linux:linux_kernellinux linux kerneleq2.2.3
linux:linux_kernellinux linux kerneleq2.2.4
linux:linux_kernellinux linux kerneleq2.2.5

Rows per page:

1-10 of 621

References

archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820

fedoranews.org/updates/FEDORA-2004-079.shtml

frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015

isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt

marc.info/?l=bugtraq&m=107711762014175&w=2

marc.info/?l=bugtraq&m=107712137732553&w=2

marc.info/?l=bugtraq&m=107755871932680&w=2

security.gentoo.org/glsa/glsa-200403-02.xml

www.ciac.org/ciac/bulletins/o-082.shtml

www.debian.org/security/2004/dsa-438

www.debian.org/security/2004/dsa-439

www.debian.org/security/2004/dsa-440

www.debian.org/security/2004/dsa-441

www.debian.org/security/2004/dsa-442

www.debian.org/security/2004/dsa-444

www.debian.org/security/2004/dsa-450

www.debian.org/security/2004/dsa-453

www.debian.org/security/2004/dsa-454

www.debian.org/security/2004/dsa-456

www.debian.org/security/2004/dsa-466

www.debian.org/security/2004/dsa-470

www.debian.org/security/2004/dsa-475

www.debian.org/security/2004/dsa-514

www.kb.cert.org/vuls/id/981222

www.novell.com/linux/security/advisories/2004_05_linux_kernel.html

www.osvdb.org/3986

www.redhat.com/support/errata/RHSA-2004-065.html

www.redhat.com/support/errata/RHSA-2004-066.html

www.redhat.com/support/errata/RHSA-2004-069.html

www.redhat.com/support/errata/RHSA-2004-106.html

www.securityfocus.com/bid/9686

www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734

exchange.xforce.ibmcloud.com/vulnerabilities/15244

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837

6.3 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

Related for CVE-2004-0077

nessus31 cve2 slackware3 cert2 ubuntucve2 openvas49 debian38 osv18 packetstorm1 gentoo1 securityvulns3 redhat6 exploitpack1 suse3 exploitdb1