blob: 16f58f01e02dad1dd3320d060008d19c0b47d62b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
Candidate: CVE-2003-0985
References:
BUGTRAQ:20040105 Linux kernel mremap vulnerability
MISC:http://isec.pl/vulnerabilities/isec-0013-mremap.txt
BUGTRAQ:20040105 Linux kernel do_mremap() proof-of-concept exploit code
BUGTRAQ:20040106 Linux mremap bug correction
DEBIAN:DSA-423
DEBIAN:DSA-450
SUSE:SuSE-SA:2004:001
SUSE:SuSE-SA:2004:003
CONECTIVA:CLA-2004:799
ENGARDE:ESA-20040105-001
REDHAT:RHSA-2003:416
REDHAT:RHSA-2003:417
REDHAT:RHSA-2003:418
REDHAT:RHSA-2003:419
DEBIAN:DSA-413
DEBIAN:DSA-417
DEBIAN:DSA-427
DEBIAN:DSA-439
DEBIAN:DSA-440
DEBIAN:DSA-442
DEBIAN:DSA-470
DEBIAN:DSA-475
IMMUNIX:IMNX-2004-73-001-01
MANDRAKE:MDKSA-2004:001
SGI:20040102-01-U
TRUSTIX:2004-0001
BUGTRAQ:20040107 [slackware-security] Kernel security update (SSA:2004-006-01)
BUGTRAQ:20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)
BUGTRAQ:20040112 SmoothWall Project Security Advisory SWP-2004:001
XF:linux-domremap-gain-privileges(14135)
OSVDB:3315
OVAL:OVAL860
OVAL:OVAL867
Description:
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21
does not properly perform bounds checks, which allows local users to
cause a denial of service and possibly gain privileges by causing a
remapping of a virtual memory area (VMA) to create a zero length VMA,
a different vulnerability than CAN-2004-0077.
Notes:
Bugs:
upstream: released (2.4.24-rc1), released (2.6.1)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody1)
2.4.18-woody-security: released (2.4.18-14.1)
2.4.17-woody-security: released (2.4.17-1woody2)
2.4.16-woody-security: released (2.4.16-1woody2)
2.4.17-woody-security-hppa: released (32.3, 62.3)
2.4.17-woody-security-ia64: released (011226.15)
2.4.18-woody-security-hppa: released (62.2)
|