2.1
CVE-2004-0427
- EPSS 0.47%
- Veröffentlicht 07.07.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:37
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.4.0 < 2.4.26
Linux ≫ Linux Kernel Version >= 2.6.0 < 2.6.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.47% | 0.368 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
http://secunia.com/advisories/20162
http://secunia.com/advisories/20163
http://secunia.com/advisories/20202
http://secunia.com/advisories/20338
http://www.debian.org/security/2006/dsa-1067
http://www.debian.org/security/2006/dsa-1069
http://www.debian.org/security/2006/dsa-1070
http://www.debian.org/security/2006/dsa-1082
http://secunia.com/advisories/11464
http://secunia.com/advisories/11891
http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
http://security.gentoo.org/glsa/glsa-200407-02.xml
ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc
http://secunia.com/advisories/11429
http://secunia.com/advisories/11486
http://secunia.com/advisories/11861
http://www.mandriva.com/security/advisories?name=MDKSA-2004:037
http://www.novell.com/linux/security/advisories/2004_10_kernel.html
ftp://patches.sgi.com/support/free/security/advisories/20040505-01-U.asc
http://fedoranews.org/updates/FEDORA-2004-111.shtml
http://linux.bkbits.net:8080/linux-2.4/cset%40407bf20eDeeejm8t36_tpvSE-8EFHA
http://linux.bkbits.net:8080/linux-2.6/cset%40407b1217x4jtqEkpFW2g_-RcF0726A
http://marc.info/?l=linux-kernel&m=108139073506983&w=2
http://secunia.com/advisories/11541
http://secunia.com/advisories/11892
http://www.ciac.org/ciac/bulletins/o-164.shtml
http://www.redhat.com/support/errata/RHSA-2004-255.html
http://www.redhat.com/support/errata/RHSA-2004-260.html
http://www.redhat.com/support/errata/RHSA-2004-327.html
http://www.securityfocus.com/bid/10221
https://exchange.xforce.ibmcloud.com/vulnerabilities/16002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10297
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2819