Candidate: CVE-2004-0495 References: CONECTIVA:CLA-2004:845 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 CONECTIVA:CLA-2004:846 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846 FEDORA:FEDORA-2004-186 URL:http://lwn.net/Articles/91155/ GENTOO:GLSA-200407-02 URL:http://security.gentoo.org/glsa/glsa-200407-02.xml MANDRAKE:MDKSA-2004:066 URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066 REDHAT:RHSA-2004:255 URL:http://www.redhat.com/support/errata/RHSA-2004-255.html REDHAT:RHSA-2004:260 URL:http://www.redhat.com/support/errata/RHSA-2004-260.html SUSE:SUSE-SA:2004:020 URL:http://www.novell.com/linux/security/advisories/2004_20_kernel.html OVAL:OVAL2961 URL:http://oval.mitre.org/oval/definitions/data/oval2961.html XF:linux-drivers-gain-privileges(16449) URL:http://xforce.iss.net/xforce/xfdb/16449 BID:10566 URL:http://www.securityfocus.com/bid/10566 Description: Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. Notes: dannf> 2.4 patches: http://linux.bkbits.net:8080/linux-2.4/cset@40d972a19cY-Al1qQickpmg8z_gxmg?nav=index.html|src/|src/net|src/net/decnet|related/net/decnet/dn_dev.c http://linux.bkbits.net:8080/linux-2.4/cset@40d97303iUWCFF5wizAKNT5CC5ctJg?nav=index.html|src/|src/drivers|src/drivers/sound|related/drivers/sound/mpu401.c http://linux.bkbits.net:8080/linux-2.4/cset@40d973835aLERLaEv4dP6Hjw31Nn5A?nav=index.html|src/|src/drivers|src/drivers/sound|related/drivers/sound/msnd.h http://linux.bkbits.net:8080/linux-2.4/cset@40d973d9FCCgP1ZDVGknBTDKgDXw6w?nav=index.html|src/|src/drivers|src/drivers/sound|related/drivers/sound/pss.c http://linux.bkbits.net:8080/linux-2.4/cset@40d9743al24lCKKm8wbRs-S_2CgWTA?nav=index.html|src/|src/drivers|src/drivers/net|src/drivers/net/wireless|related/drivers/net/wireless/airo.c http://linux.bkbits.net:8080/linux-2.4/cset@40d975a2Ttlhd2amhkcgbfzndDMUZA?nav=index.html|src/|src/drivers|src/drivers/acpi|related/drivers/acpi/asus_acpi.c Bugs: upstream: released (2.4.27-rc2, 2.6.7) linux-2.6: N/A 2.6.8-sarge-security: N/A 2.4.27-sarge-security: N/A 2.4.19-woody-security: 2.4.18-woody-security: 2.4.17-woody-security: 2.4.16-woody-security: 2.4.17-woody-security-hppa: 2.4.17-woody-security-ia64: 2.4.18-woody-security-hppa: