7.2

CVE-2004-0077

Exploit

EPSS 0.11%
Published 03.03.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Affected products Warnungen 0 Metrics 2 CWE 0 References 39

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Bigmem Kernel Version2.4.20-8 Editioni686

Redhat ≫ Kernel Version2.4.20-8 Editionathlon_smp

Redhat ≫ Kernel Version2.4.20-8 Editioni386

Redhat ≫ Kernel Version2.4.20-8 Editioni686_smp

Redhat ≫ Kernel Doc Version2.4.20-8 Editioni386

Redhat ≫ Kernel Source Version2.4.20-8 Editioni386_src

Linux ≫ Linux Kernel Version2.2.0

Linux ≫ Linux Kernel Version2.2.1

Linux ≫ Linux Kernel Version2.2.2

Linux ≫ Linux Kernel Version2.2.3

Linux ≫ Linux Kernel Version2.2.4

Linux ≫ Linux Kernel Version2.2.5

Linux ≫ Linux Kernel Version2.2.6

Linux ≫ Linux Kernel Version2.2.7

Linux ≫ Linux Kernel Version2.2.8

Linux ≫ Linux Kernel Version2.2.9

Linux ≫ Linux Kernel Version2.2.10

Linux ≫ Linux Kernel Version2.2.11

Linux ≫ Linux Kernel Version2.2.12

Linux ≫ Linux Kernel Version2.2.13

Linux ≫ Linux Kernel Version2.2.14

Linux ≫ Linux Kernel Version2.2.15

Linux ≫ Linux Kernel Version2.2.15 Updatepre16

Linux ≫ Linux Kernel Version2.2.15_pre20

Linux ≫ Linux Kernel Version2.2.16

Linux ≫ Linux Kernel Version2.2.16 Updatepre6

Linux ≫ Linux Kernel Version2.2.17

Linux ≫ Linux Kernel Version2.2.18

Linux ≫ Linux Kernel Version2.2.19

Linux ≫ Linux Kernel Version2.2.20

Linux ≫ Linux Kernel Version2.2.21

Linux ≫ Linux Kernel Version2.2.22

Linux ≫ Linux Kernel Version2.2.23

Linux ≫ Linux Kernel Version2.2.24

Linux ≫ Linux Kernel Version2.4.0

Linux ≫ Linux Kernel Version2.4.0 Updatetest1

Linux ≫ Linux Kernel Version2.4.0 Updatetest10

Linux ≫ Linux Kernel Version2.4.0 Updatetest11

Linux ≫ Linux Kernel Version2.4.0 Updatetest12

Linux ≫ Linux Kernel Version2.4.0 Updatetest2

Linux ≫ Linux Kernel Version2.4.0 Updatetest3

Linux ≫ Linux Kernel Version2.4.0 Updatetest4

Linux ≫ Linux Kernel Version2.4.0 Updatetest5

Linux ≫ Linux Kernel Version2.4.0 Updatetest6

Linux ≫ Linux Kernel Version2.4.0 Updatetest7

Linux ≫ Linux Kernel Version2.4.0 Updatetest8

Linux ≫ Linux Kernel Version2.4.0 Updatetest9

Linux ≫ Linux Kernel Version2.4.1

Linux ≫ Linux Kernel Version2.4.2

Linux ≫ Linux Kernel Version2.4.3

Linux ≫ Linux Kernel Version2.4.4

Linux ≫ Linux Kernel Version2.4.5

Linux ≫ Linux Kernel Version2.4.6

Linux ≫ Linux Kernel Version2.4.7

Linux ≫ Linux Kernel Version2.4.8

Linux ≫ Linux Kernel Version2.4.9

Linux ≫ Linux Kernel Version2.4.10

Linux ≫ Linux Kernel Version2.4.11

Linux ≫ Linux Kernel Version2.4.12

Linux ≫ Linux Kernel Version2.4.13

Linux ≫ Linux Kernel Version2.4.14

Linux ≫ Linux Kernel Version2.4.15

Linux ≫ Linux Kernel Version2.4.16

Linux ≫ Linux Kernel Version2.4.17

Linux ≫ Linux Kernel Version2.4.18

Linux ≫ Linux Kernel Version2.4.18 Editionx86

Linux ≫ Linux Kernel Version2.4.18 Updatepre1

Linux ≫ Linux Kernel Version2.4.18 Updatepre2

Linux ≫ Linux Kernel Version2.4.18 Updatepre3

Linux ≫ Linux Kernel Version2.4.18 Updatepre4

Linux ≫ Linux Kernel Version2.4.18 Updatepre5

Linux ≫ Linux Kernel Version2.4.18 Updatepre6

Linux ≫ Linux Kernel Version2.4.18 Updatepre7

Linux ≫ Linux Kernel Version2.4.18 Updatepre8

Linux ≫ Linux Kernel Version2.4.19

Linux ≫ Linux Kernel Version2.4.19 Updatepre1

Linux ≫ Linux Kernel Version2.4.19 Updatepre2

Linux ≫ Linux Kernel Version2.4.19 Updatepre3

Linux ≫ Linux Kernel Version2.4.19 Updatepre4

Linux ≫ Linux Kernel Version2.4.19 Updatepre5

Linux ≫ Linux Kernel Version2.4.19 Updatepre6

Linux ≫ Linux Kernel Version2.4.20

Linux ≫ Linux Kernel Version2.4.21

Linux ≫ Linux Kernel Version2.4.21 Updatepre1

Linux ≫ Linux Kernel Version2.4.21 Updatepre4

Linux ≫ Linux Kernel Version2.4.21 Updatepre7

Linux ≫ Linux Kernel Version2.4.22

Linux ≫ Linux Kernel Version2.4.23

Linux ≫ Linux Kernel Version2.4.23 Updatepre9

Linux ≫ Linux Kernel Version2.4.24

Linux ≫ Linux Kernel Version2.6.0

Linux ≫ Linux Kernel Version2.6.0 Updatetest1

Linux ≫ Linux Kernel Version2.6.0 Updatetest10

Linux ≫ Linux Kernel Version2.6.0 Updatetest11

Linux ≫ Linux Kernel Version2.6.0 Updatetest2

Linux ≫ Linux Kernel Version2.6.0 Updatetest3

Linux ≫ Linux Kernel Version2.6.0 Updatetest4

Linux ≫ Linux Kernel Version2.6.0 Updatetest5

Linux ≫ Linux Kernel Version2.6.0 Updatetest6

Linux ≫ Linux Kernel Version2.6.0 Updatetest7

Linux ≫ Linux Kernel Version2.6.0 Updatetest8

Linux ≫ Linux Kernel Version2.6.0 Updatetest9

Linux ≫ Linux Kernel Version2.6.1 Updaterc1

Linux ≫ Linux Kernel Version2.6.1 Updaterc2

Linux ≫ Linux Kernel Version2.6.2

Linux ≫ Linux Kernel Version2.6_test9_cvs

Netwosix ≫ Netwosix Linux Version1.0

Trustix ≫ Secure Linux Version1.5

Trustix ≫ Secure Linux Version2.0

Redhat ≫ Kernel Version2.4.20-8 Editionathlon

Redhat ≫ Kernel Version2.4.20-8 Editioni386

Redhat ≫ Kernel Version2.4.20-8 Editioni686

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.264

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.debian.org/security/2004/dsa-442

http://www.debian.org/security/2004/dsa-439

Patch

Vendor Advisory

http://www.debian.org/security/2004/dsa-440

http://www.debian.org/security/2004/dsa-450

http://www.debian.org/security/2004/dsa-470

http://www.debian.org/security/2004/dsa-475

http://www.redhat.com/support/errata/RHSA-2004-106.html

http://www.ciac.org/ciac/bulletins/o-082.shtml

http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html

http://www.redhat.com/support/errata/RHSA-2004-065.html

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820

http://fedoranews.org/updates/FEDORA-2004-079.shtml

http://www.redhat.com/support/errata/RHSA-2004-069.html

http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html

http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015

http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt

http://marc.info/?l=bugtraq&m=107711762014175&w=2

http://marc.info/?l=bugtraq&m=107712137732553&w=2

http://marc.info/?l=bugtraq&m=107755871932680&w=2

http://security.gentoo.org/glsa/glsa-200403-02.xml

Patch

Vendor Advisory

http://www.debian.org/security/2004/dsa-438

http://www.debian.org/security/2004/dsa-441

http://www.debian.org/security/2004/dsa-444

http://www.debian.org/security/2004/dsa-453

http://www.debian.org/security/2004/dsa-454

http://www.debian.org/security/2004/dsa-456

http://www.debian.org/security/2004/dsa-466

http://www.debian.org/security/2004/dsa-514

http://www.kb.cert.org/vuls/id/981222

US Government Resource

http://www.osvdb.org/3986

http://www.redhat.com/support/errata/RHSA-2004-066.html

http://www.securityfocus.com/bid/9686

Patch

Vendor Advisory

Exploit

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734

https://exchange.xforce.ibmcloud.com/vulnerabilities/15244

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837

https://nvd.nist.gov/vuln/detail/CVE-2004-0077

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0077

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0077

EUVD