2.1

CVE-2004-0427

The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.4.0 < 2.4.26
LinuxLinux Kernel Version >= 2.6.0 < 2.6.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.47% 0.368
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

http://secunia.com/advisories/20162
Broken Link
http://secunia.com/advisories/20163
Broken Link
http://secunia.com/advisories/20202
Broken Link
http://secunia.com/advisories/20338
Third Party Advisory
http://www.debian.org/security/2006/dsa-1067
Broken Link
http://www.debian.org/security/2006/dsa-1069
Broken Link
http://www.debian.org/security/2006/dsa-1070
Broken Link
http://www.debian.org/security/2006/dsa-1082
Broken Link
http://secunia.com/advisories/11464
Broken Link
http://secunia.com/advisories/11891
Broken Link
http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
Broken Link
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
Broken Link
http://security.gentoo.org/glsa/glsa-200407-02.xml
Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc
Patch
Vendor Advisory
Broken Link
http://secunia.com/advisories/11429
Broken Link
http://secunia.com/advisories/11486
Broken Link
http://secunia.com/advisories/11861
Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2004:037
Third Party Advisory
http://www.novell.com/linux/security/advisories/2004_10_kernel.html
Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20040505-01-U.asc
Patch
Vendor Advisory
Broken Link
http://fedoranews.org/updates/FEDORA-2004-111.shtml
Third Party Advisory
http://linux.bkbits.net:8080/linux-2.4/cset%40407bf20eDeeejm8t36_tpvSE-8EFHA
Broken Link
http://linux.bkbits.net:8080/linux-2.6/cset%40407b1217x4jtqEkpFW2g_-RcF0726A
Broken Link
http://marc.info/?l=linux-kernel&m=108139073506983&w=2
Third Party Advisory
Mailing List
http://secunia.com/advisories/11541
Broken Link
http://secunia.com/advisories/11892
Broken Link
http://www.ciac.org/ciac/bulletins/o-164.shtml
Broken Link
http://www.redhat.com/support/errata/RHSA-2004-255.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2004-260.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2004-327.html
Broken Link
http://www.securityfocus.com/bid/10221
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/16002
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10297
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2819
Broken Link