Lucene search

[email protected]NVD:CVE-2004-2607

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2607

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.

Affected configurations

NVD

Node

linuxlinux_kernelMatch2.4.0test1

linuxlinux_kernelMatch2.4.0test10

linuxlinux_kernelMatch2.4.0test11

linuxlinux_kernelMatch2.4.0test12

linuxlinux_kernelMatch2.4.0test2

linuxlinux_kernelMatch2.4.0test3

linuxlinux_kernelMatch2.4.0test4

linuxlinux_kernelMatch2.4.0test5

linuxlinux_kernelMatch2.4.0test6

linuxlinux_kernelMatch2.4.0test7

linuxlinux_kernelMatch2.4.0test8

linuxlinux_kernelMatch2.4.0test9

linuxlinux_kernelMatch2.4.18x86

linuxlinux_kernelMatch2.4.18pre1

linuxlinux_kernelMatch2.4.18pre2

linuxlinux_kernelMatch2.4.18pre3

linuxlinux_kernelMatch2.4.18pre4

linuxlinux_kernelMatch2.4.18pre5

linuxlinux_kernelMatch2.4.18pre6

linuxlinux_kernelMatch2.4.18pre7

linuxlinux_kernelMatch2.4.18pre8

linuxlinux_kernelMatch2.4.19pre1

linuxlinux_kernelMatch2.4.19pre2

linuxlinux_kernelMatch2.4.19pre3

linuxlinux_kernelMatch2.4.19pre4

linuxlinux_kernelMatch2.4.19pre5

linuxlinux_kernelMatch2.4.19pre6

linuxlinux_kernelMatch2.4.21pre1

linuxlinux_kernelMatch2.4.21pre4

linuxlinux_kernelMatch2.4.21pre7

linuxlinux_kernelMatch2.4.22pre10

linuxlinux_kernelMatch2.4.23

linuxlinux_kernelMatch2.4.23pre9

linuxlinux_kernelMatch2.4.23_ow2

linuxlinux_kernelMatch2.4.24

linuxlinux_kernelMatch2.4.24_ow1

linuxlinux_kernelMatch2.4.25

linuxlinux_kernelMatch2.4.26

linuxlinux_kernelMatch2.4.27

linuxlinux_kernelMatch2.4.27pre1

linuxlinux_kernelMatch2.4.27pre2

linuxlinux_kernelMatch2.4.27pre3

linuxlinux_kernelMatch2.4.27pre4

linuxlinux_kernelMatch2.4.27pre5

linuxlinux_kernelMatch2.4.28

linuxlinux_kernelMatch2.4.29

linuxlinux_kernelMatch2.4.29rc1

linuxlinux_kernelMatch2.6.0

linuxlinux_kernelMatch2.6.1rc1

linuxlinux_kernelMatch2.6.1rc2

linuxlinux_kernelMatch2.6.2

linuxlinux_kernelMatch2.6.3

linuxlinux_kernelMatch2.6.4

linuxlinux_kernelMatch2.6.5

References

secunia.com/advisories/18977

secunia.com/advisories/19369

www.debian.org/security/2006/dsa-1018

www.mandriva.com/security/advisories?name=MDKSA-2006:072

www.securityfocus.com/bid/16759

www.uwsg.iu.edu/hypermail/linux/kernel/0404.2/0313.html

www.uwsg.iu.edu/hypermail/linux/kernel/0404.2/0743.html

wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2004-2607

cvelist1 cve2 nvd1 osv1 openvas4 nessus1 debian3