blob: 048cc7e6f669e5f63aa8b4aa374cc2946e32acf9 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
Candidate: CVE-2004-0427
References:
MLIST:[linux-kernel] 20040408 [PATCH]: 2.4/2.6 do_fork() error path memory leak
URL:http://marc.theaimsgroup.com/?l=linux-kernel&m=108139073506983&w=2
CONECTIVA:CLA-2004:846
URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
ENGARDE:ESA-20040428-004
FEDORA:FEDORA-2004-111
URL:http://fedoranews.org/updates/FEDORA-2004-111.shtml
GENTOO:GLSA-200407-02
URL:http://security.gentoo.org/glsa/glsa-200407-02.xml
MANDRAKE:MDKSA-2004:037
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:037
REDHAT:RHSA-2004:255
URL:http://www.redhat.com/support/errata/RHSA-2004-255.html
REDHAT:RHSA-2004:260
URL:http://www.redhat.com/support/errata/RHSA-2004-260.html
REDHAT:RHSA-2004:327
URL:http://www.redhat.com/support/errata/RHSA-2004-327.html
SGI:20040504-01-U
URL:ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc
SGI:20040505-01-U
URL:ftp://patches.sgi.com/support/free/security/advisories/20040505-01-U.asc
SUSE:SuSE-SA:2004:010
URL:http://www.novell.com/linux/security/advisories/2004_10_kernel.html
TURBO:TLSA-2004-14
URL:http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
MISC:http://linux.bkbits.net:8080/linux-2.4/cset@407bf20eDeeejm8t36_tpvSE-8EFHA
MISC:http://linux.bkbits.net:8080/linux-2.6/cset@407b1217x4jtqEkpFW2g_-RcF0726A
CIAC:O-164
URL:http://www.ciac.org/ciac/bulletins/o-164.shtml
BID:10221
URL:http://www.securityfocus.com/bid/10221
SECUNIA:11429
URL:http://secunia.com/advisories/11429
SECUNIA:11464
URL:http://secunia.com/advisories/11464
SECUNIA:11486
URL:http://secunia.com/advisories/11486
SECUNIA:11541
URL:http://secunia.com/advisories/11541
SECUNIA:11861
URL:http://secunia.com/advisories/11861
SECUNIA:11891
URL:http://secunia.com/advisories/11891
SECUNIA:11892
URL:http://secunia.com/advisories/11892
OVAL:OVAL2819
URL:http://oval.mitre.org/oval/definitions/data/oval2819.html
XF:linux-dofork-memory-leak(16002)
URL:http://xforce.iss.net/xforce/xfdb/16002
Description:
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6,
does not properly decrement the mm_count counter when an error occurs after
the mm_struct for a child process has been activated, which triggers a memory
leak that allows local users to cause a denial of service (memory exhaustion)
via the clone (CLONE_VM) system call.
Notes:
Bugs:
upstream: released (2.4.26, 2.6.6)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody3)
2.4.18-woody-security: released (2.4.18-14.4)
2.4.17-woody-security: released (2.4.17-1woody4)
2.4.16-woody-security: released (2.4.16-1woody3)
2.4.17-woody-security-hppa: released (32.5)
2.4.17-woody-security-ia64: released (011226.18)
2.4.18-woody-security-hppa: released (62.4)
|