Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0985

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-0985
Last Modified 05 Sep 2008 04:35:43
Published 20 Jan 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0985

Summary

The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.20

  • Linux Kernel 2.4.21

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.4

  • Linux Kernel 2.4.5

  • Linux Kernel 2.4.6

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9


References

CERT-VN - VU#490620

BID - 9356

REDHAT - RHSA-2003:417

ENGARDE - ESA-20040105-001

XF - linux-domremap-gain-privileges(14135)

REDHAT - RHSA-2003:419

REDHAT - RHSA-2003:418

REDHAT - RHSA-2003:416

OSVDB - 3315

SUSE - SuSE-SA:2004:003

MANDRAKE - MDKSA-2004:001

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24

DEBIAN - DSA-1082

DEBIAN - DSA-1070

DEBIAN - DSA-1069

DEBIAN - DSA-1067

DEBIAN - DSA-475

DEBIAN - DSA-470

DEBIAN - DSA-450

DEBIAN - DSA-442

DEBIAN - DSA-440

DEBIAN - DSA-439

DEBIAN - DSA-427

DEBIAN - DSA-423

DEBIAN - DSA-417

DEBIAN - DSA-413

CIAC - O-045

CONFIRM - http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0

SECUNIA - 20338

SECUNIA - 20202

SECUNIA - 20163

SECUNIA - 10532

BUGTRAQ - 20040112 SmoothWall Project Security Advisory SWP-2004:001

BUGTRAQ - 20040107 [slackware-security] Kernel security update (SSA:2004-006-01)

BUGTRAQ - 20040106 Linux mremap bug correction

BUGTRAQ - 20040105 Linux kernel do_mremap() proof-of-concept exploit code

BUGTRAQ - 20040105 Linux kernel mremap vulnerability

TRUSTIX - 2004-0001

CONFIRM - http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap

MISC - http://isec.pl/vulnerabilities/isec-0013-mremap.txt

IMMUNIX - IMNX-2004-73-001-01

CONECTIVA - CLA-2004:799

BUGTRAQ - 20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)

SGI - 20040102-01-U


Last Updated: 27 May 2016 10:38:08