Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0491

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0491
Last Modified 21 Aug 2010 12:20:38
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0491

Summary

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 3.0


References

MLIST - [linux-kernel] 20040402 Re: disable-cap-mlock

BID - 13769

REDHAT - RHSA-2005:472

SECUNIA - 19607

SGI - 20060402-01-U


Last Updated: 27 May 2016 10:38:38