CVE-2004-0077

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Affected Software

Name	Vendor	Start Version	End Version
Bigmem_kernel	Redhat	2.4.20-8 (including)	2.4.20-8 (including)
Kernel	Redhat	2.4.20-8 (including)	2.4.20-8 (including)
Kernel_doc	Redhat	2.4.20-8 (including)	2.4.20-8 (including)
Red Hat Enterprise Linux 3	RedHat	kernel-0:2.4.21-9.0.1.EL	*
Red Hat Enterprise Linux 3	RedHat	s390utils-2:1.2.4-3	*
Red Hat Enterprise Linux AS (Advanced Server) version 2.1	RedHat		*
Red Hat Enterprise Linux AS (Advanced Server) version 2.1	RedHat		*
Red Hat Enterprise Linux ES version 2.1	RedHat		*
Red Hat Enterprise Linux WS version 2.1	RedHat		*
Red Hat Linux 9	RedHat		*
Red Hat Linux Advanced Workstation 2.1	RedHat		*
Kernel-patch-powerpc-2.4.27	Ubuntu	dapper	*
Kernel-patch-powerpc-2.4.27	Ubuntu	edgy	*
Kernel-source-2.4.27	Ubuntu	dapper	*
Kernel-source-2.4.27	Ubuntu	edgy	*
User-mode-linux	Ubuntu	devel	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0077
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References