{ "id": "CVE-2003-0985", "sourceIdentifier": "cve@mitre.org", "published": "2004-01-20T05:00:00.000", "lastModified": "2018-05-03T01:29:23.397", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077." }, { "lang": "es", "value": "La llamada de sistema mremap (do_mremap) en Linux kernel 2.2, 2.4 y 2.6 y posiblemente otras versiones anteriores a 2.4.24, no realiza adecuadamente comprobaciones de l\u00edmites, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio y posiblemente ganar privilegios causando que se reasigne una \u00e1rea de memoria virtual (WMA) para crea una WMA de longitud cero, vulnerabilidad distinta a CAN-2004-0077." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2 }, "baseSeverity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92" } ] } ] } ], "references": [ { "url": "ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U", "source": "cve@mitre.org" }, { "url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html", "source": "cve@mitre.org" }, { "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799", "source": "cve@mitre.org" }, { "url": "http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01", "source": "cve@mitre.org" }, { "url": "http://isec.pl/vulnerabilities/isec-0013-mremap.txt", "source": "cve@mitre.org" }, { "url": "http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107332754521495&w=2", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107332782121916&w=2", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107340358402129&w=2", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107340814409017&w=2", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107350348418373&w=2", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107394143105081&w=2", "source": "cve@mitre.org" }, { "url": "http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0", "source": "cve@mitre.org" }, { "url": "http://www.ciac.org/ciac/bulletins/o-045.shtml", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-413", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-417", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-423", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-427", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-439", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-440", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-442", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-450", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-470", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2004/dsa-475", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1067", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1069", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1070", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1082", "source": "cve@mitre.org" }, { "url": "http://www.kb.cert.org/vuls/id/490620", "source": "cve@mitre.org", "tags": [ "US Government Resource" ] }, { "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24", "source": "cve@mitre.org" }, { "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001", "source": "cve@mitre.org" }, { "url": "http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/support/errata/RHSA-2003-416.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/support/errata/RHSA-2003-417.html", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2003-418.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/support/errata/RHSA-2003-419.html", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/9356", "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14135", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867", "source": "cve@mitre.org" } ] }