CVE Vulnerabilities

CVE-2004-0077

Published: Mar 03, 2004 | Modified: May 03, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Affected Software

Name Vendor Start Version End Version
Bigmem_kernel Redhat 2.4.20-8 2.4.20-8
Kernel Redhat 2.4.20-8 2.4.20-8
Kernel Redhat 2.4.20-8 2.4.20-8
Kernel Redhat 2.4.20-8 2.4.20-8
Kernel_doc Redhat 2.4.20-8 2.4.20-8
Red Hat Enterprise Linux 2.1 RedHat kernel *
Red Hat Enterprise Linux 2.1 RedHat kernel *
Red Hat Enterprise Linux 3 RedHat kernel-0:2.4.21-9.0.1.EL *
Red Hat Enterprise Linux 3 RedHat s390utils-2:1.2.4-3 *
Red Hat Linux 9 RedHat kernel *
Kernel-patch-powerpc-2.4.27 Ubuntu dapper *
Kernel-patch-powerpc-2.4.27 Ubuntu edgy *
Kernel-source-2.4.27 Ubuntu dapper *
Kernel-source-2.4.27 Ubuntu edgy *
User-mode-linux Ubuntu devel *

References