Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0077

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-0077
Last Modified 05 Sep 2008 04:37:26
Published 03 Mar 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0077

Summary

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Vulnerable Systems

Operating System

  • Linux Kernel 2.2.0

  • Linux Kernel 2.2.1

  • Linux Kernel 2.2.10

  • Linux Kernel 2.2.11

  • Linux Kernel 2.2.12

  • Linux Kernel 2.2.13

  • Linux Kernel 2.2.14

  • Linux Kernel 2.2.15

  • Linux Kernel 2.2.15 Pre20

  • Linux Kernel 2.2.16

  • Linux Kernel 2.2.17

  • Linux Kernel 2.2.18

  • Linux Kernel 2.2.19

  • Linux Kernel 2.2.2

  • Linux Kernel 2.2.20

  • Linux Kernel 2.2.21

  • Linux Kernel 2.2.22

  • Linux Kernel 2.2.23

  • Linux Kernel 2.2.24

  • Linux Kernel 2.2.3

  • Linux Kernel 2.2.4

  • Linux Kernel 2.2.5

  • Linux Kernel 2.2.6

  • Linux Kernel 2.2.7

  • Linux Kernel 2.2.8

  • Linux Kernel 2.2.9

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.20

  • Linux Kernel 2.4.21

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.24

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.4

  • Linux Kernel 2.4.5

  • Linux Kernel 2.4.6

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9

  • Linux Kernel 2.6 Test9 Cvs

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.2

  • Netwosix Linux 1.0

  • Trustix Secure Linux 1.5

  • Trustix Secure Linux 2.0

Application

  • Redhat Bigmem Kernel 2.4.20-8

  • Redhat Kernel 2.4.20-8

  • Redhat Kernel Doc 2.4.20-8

  • Redhat Kernel Source 2.4.20-8


References

CERT-VN - VU#981222

BID - 9686

DEBIAN - DSA-439

GENTOO - GLSA-200403-02

XF - linux-mremap-gain-privileges(15244)

BUGTRAQ - 20040218 Second critical mremap() bug found in all Linux kernels

MISC - http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt

SLACKWARE - SSA:2004-049

REDHAT - RHSA-2004:106

REDHAT - RHSA-2004:069

REDHAT - RHSA-2004:066

REDHAT - RHSA-2004:065

OSVDB - 3986

SUSE - SuSE-SA:2004:005

DEBIAN - DSA-514

DEBIAN - DSA-475

DEBIAN - DSA-470

DEBIAN - DSA-466

DEBIAN - DSA-456

DEBIAN - DSA-454

DEBIAN - DSA-453

DEBIAN - DSA-450

DEBIAN - DSA-444

DEBIAN - DSA-442

DEBIAN - DSA-441

DEBIAN - DSA-440

DEBIAN - DSA-438

CIAC - O-082

TRUSTIX - 2004-0008

TRUSTIX - 2004-0007

MANDRAKE - MDKSA-2004:015

FEDORA - FEDORA-2004-079

CONECTIVA - CLA-2004:820


Last Updated: 27 May 2016 10:38:28