Search criteria

8 vulnerabilities found for kernel by RedHat

CVE-2019-10142 (GCVE-0-2019-10142)

Vulnerability from nvd – Published: 2019-07-30 16:26 – Updated: 2024-08-04 22:10
VLAI?
Summary
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects.
Severity ?
7.1 (High)
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
RedHat kernel Affected: 5.0.x up to, excluding 5.0.17
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:10.016Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10142"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "RedHat",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.x up to, excluding 5.0.17"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel\u0027s freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-30T16:26:31",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10142"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10142",
    "datePublished": "2019-07-30T16:26:31",
    "dateReserved": "2019-03-27T00:00:00",
    "dateUpdated": "2024-08-04T22:10:10.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0619 (GCVE-0-2004-0619)

Vulnerability from nvd – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://marc.info/?l=bugtraq&m=108802653409053&w=2 mailing-listx_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2005-283.html vendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2004-549.html vendor-advisoryx_refsource_REDHAT
http://www.ciac.org/ciac/bulletins/p-047.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
http://www.securityfocus.com/bid/10599 vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/11936 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.849Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
          },
          {
            "name": "RHSA-2005:283",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
          },
          {
            "name": "RHSA-2004:549",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
          },
          {
            "name": "P-047",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
          },
          {
            "name": "10599",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10599"
          },
          {
            "name": "oval:org.mitre.oval:def:9773",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
          },
          {
            "name": "11936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11936"
          },
          {
            "name": "bcm5820-adddsabufbytes-integer-bo(16459)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
        },
        {
          "name": "RHSA-2005:283",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
        },
        {
          "name": "RHSA-2004:549",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
        },
        {
          "name": "P-047",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
        },
        {
          "name": "10599",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10599"
        },
        {
          "name": "oval:org.mitre.oval:def:9773",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
        },
        {
          "name": "11936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11936"
        },
        {
          "name": "bcm5820-adddsabufbytes-integer-bo(16459)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0619",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
            },
            {
              "name": "RHSA-2005:283",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
            },
            {
              "name": "RHSA-2004:549",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
            },
            {
              "name": "P-047",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
            },
            {
              "name": "10599",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10599"
            },
            {
              "name": "oval:org.mitre.oval:def:9773",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
            },
            {
              "name": "11936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11936"
            },
            {
              "name": "bcm5820-adddsabufbytes-integer-bo(16459)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0619",
    "datePublished": "2004-06-30T04:00:00",
    "dateReserved": "2004-06-29T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.849Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0077 (GCVE-0-2004-0077)

Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:01
VLAI?
Summary
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.slackware.com/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
http://www.debian.org/security/2004/dsa-450 vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-440 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-069.html vendor-advisoryx_refsource_REDHAT
http://www.ciac.org/ciac/bulletins/o-082.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
http://fedoranews.org/updates/FEDORA-2004-079.shtml vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2004/dsa-439 vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-475 vendor-advisoryx_refsource_DEBIAN
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2004-106.html vendor-advisoryx_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.debian.org/security/2004/dsa-442 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-065.html vendor-advisoryx_refsource_REDHAT
http://www.debian.org/security/2004/dsa-470 vendor-advisoryx_refsource_DEBIAN
http://frontal2.mandriva.com/security/advisories?… vendor-advisoryx_refsource_MANDRAKE
http://www.securityfocus.com/bid/9686 vdb-entryx_refsource_BID
http://www.debian.org/security/2004/dsa-438 vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-514 vendor-advisoryx_refsource_DEBIAN
http://isec.pl/vulnerabilities/isec-0014-mremap-u… x_refsource_MISC
http://www.debian.org/security/2004/dsa-456 vendor-advisoryx_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://security.gentoo.org/glsa/glsa-200403-02.xml vendor-advisoryx_refsource_GENTOO
http://www.debian.org/security/2004/dsa-441 vendor-advisoryx_refsource_DEBIAN
http://archives.neohapsis.com/archives/vulnwatch/… mailing-listx_refsource_VULNWATCH
http://www.debian.org/security/2004/dsa-454 vendor-advisoryx_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=107711762014175&w=2 mailing-listx_refsource_BUGTRAQ
http://www.debian.org/security/2004/dsa-444 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-066.html vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=107755871932680&w=2 vendor-advisoryx_refsource_TRUSTIX
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.debian.org/security/2004/dsa-453 vendor-advisoryx_refsource_DEBIAN
http://www.osvdb.org/3986 vdb-entryx_refsource_OSVDB
http://www.kb.cert.org/vuls/id/981222 third-party-advisoryx_refsource_CERT-VN
http://www.debian.org/security/2004/dsa-466 vendor-advisoryx_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=107712137732553&w=2 vendor-advisoryx_refsource_TRUSTIX
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.757Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSA:2004-049",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
          },
          {
            "name": "DSA-450",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-450"
          },
          {
            "name": "DSA-440",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-440"
          },
          {
            "name": "RHSA-2004:069",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-069.html"
          },
          {
            "name": "O-082",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/o-082.shtml"
          },
          {
            "name": "FEDORA-2004-079",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA-2004-079.shtml"
          },
          {
            "name": "DSA-439",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-439"
          },
          {
            "name": "DSA-475",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-475"
          },
          {
            "name": "CLA-2004:820",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000820"
          },
          {
            "name": "RHSA-2004:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-106.html"
          },
          {
            "name": "SuSE-SA:2004:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html"
          },
          {
            "name": "DSA-442",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-442"
          },
          {
            "name": "RHSA-2004:065",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-065.html"
          },
          {
            "name": "DSA-470",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-470"
          },
          {
            "name": "MDKSA-2004:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015"
          },
          {
            "name": "9686",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9686"
          },
          {
            "name": "DSA-438",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-438"
          },
          {
            "name": "DSA-514",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-514"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
          },
          {
            "name": "DSA-456",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-456"
          },
          {
            "name": "oval:org.mitre.oval:def:837",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837"
          },
          {
            "name": "GLSA-200403-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200403-02.xml"
          },
          {
            "name": "DSA-441",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-441"
          },
          {
            "name": "20040218 Second critical mremap() bug found in all Linux kernels",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html"
          },
          {
            "name": "DSA-454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-454"
          },
          {
            "name": "linux-mremap-gain-privileges(15244)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15244"
          },
          {
            "name": "20040218 Second critical mremap() bug found in all Linux kernels",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107711762014175\u0026w=2"
          },
          {
            "name": "DSA-444",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-444"
          },
          {
            "name": "RHSA-2004:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-066.html"
          },
          {
            "name": "2004-0008",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107755871932680\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:825",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825"
          },
          {
            "name": "DSA-453",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-453"
          },
          {
            "name": "3986",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/3986"
          },
          {
            "name": "VU#981222",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/981222"
          },
          {
            "name": "DSA-466",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-466"
          },
          {
            "name": "2004-0007",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107712137732553\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-17T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SSA:2004-049",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
        },
        {
          "name": "DSA-450",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-450"
        },
        {
          "name": "DSA-440",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-440"
        },
        {
          "name": "RHSA-2004:069",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-069.html"
        },
        {
          "name": "O-082",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/o-082.shtml"
        },
        {
          "name": "FEDORA-2004-079",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA-2004-079.shtml"
        },
        {
          "name": "DSA-439",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-439"
        },
        {
          "name": "DSA-475",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-475"
        },
        {
          "name": "CLA-2004:820",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000820"
        },
        {
          "name": "RHSA-2004:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-106.html"
        },
        {
          "name": "SuSE-SA:2004:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html"
        },
        {
          "name": "DSA-442",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-442"
        },
        {
          "name": "RHSA-2004:065",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-065.html"
        },
        {
          "name": "DSA-470",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-470"
        },
        {
          "name": "MDKSA-2004:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015"
        },
        {
          "name": "9686",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9686"
        },
        {
          "name": "DSA-438",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-438"
        },
        {
          "name": "DSA-514",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-514"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
        },
        {
          "name": "DSA-456",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-456"
        },
        {
          "name": "oval:org.mitre.oval:def:837",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837"
        },
        {
          "name": "GLSA-200403-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200403-02.xml"
        },
        {
          "name": "DSA-441",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-441"
        },
        {
          "name": "20040218 Second critical mremap() bug found in all Linux kernels",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html"
        },
        {
          "name": "DSA-454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-454"
        },
        {
          "name": "linux-mremap-gain-privileges(15244)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15244"
        },
        {
          "name": "20040218 Second critical mremap() bug found in all Linux kernels",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107711762014175\u0026w=2"
        },
        {
          "name": "DSA-444",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-444"
        },
        {
          "name": "RHSA-2004:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-066.html"
        },
        {
          "name": "2004-0008",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107755871932680\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:825",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825"
        },
        {
          "name": "DSA-453",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-453"
        },
        {
          "name": "3986",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/3986"
        },
        {
          "name": "VU#981222",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/981222"
        },
        {
          "name": "DSA-466",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-466"
        },
        {
          "name": "2004-0007",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107712137732553\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0077",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SSA:2004-049",
              "refsource": "SLACKWARE",
              "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
            },
            {
              "name": "DSA-450",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-450"
            },
            {
              "name": "DSA-440",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-440"
            },
            {
              "name": "RHSA-2004:069",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-069.html"
            },
            {
              "name": "O-082",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/o-082.shtml"
            },
            {
              "name": "FEDORA-2004-079",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA-2004-079.shtml"
            },
            {
              "name": "DSA-439",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-439"
            },
            {
              "name": "DSA-475",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-475"
            },
            {
              "name": "CLA-2004:820",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000820"
            },
            {
              "name": "RHSA-2004:106",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-106.html"
            },
            {
              "name": "SuSE-SA:2004:005",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html"
            },
            {
              "name": "DSA-442",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-442"
            },
            {
              "name": "RHSA-2004:065",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-065.html"
            },
            {
              "name": "DSA-470",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-470"
            },
            {
              "name": "MDKSA-2004:015",
              "refsource": "MANDRAKE",
              "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015"
            },
            {
              "name": "9686",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9686"
            },
            {
              "name": "DSA-438",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-438"
            },
            {
              "name": "DSA-514",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-514"
            },
            {
              "name": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt",
              "refsource": "MISC",
              "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
            },
            {
              "name": "DSA-456",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-456"
            },
            {
              "name": "oval:org.mitre.oval:def:837",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837"
            },
            {
              "name": "GLSA-200403-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200403-02.xml"
            },
            {
              "name": "DSA-441",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-441"
            },
            {
              "name": "20040218 Second critical mremap() bug found in all Linux kernels",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html"
            },
            {
              "name": "DSA-454",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-454"
            },
            {
              "name": "linux-mremap-gain-privileges(15244)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15244"
            },
            {
              "name": "20040218 Second critical mremap() bug found in all Linux kernels",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107711762014175\u0026w=2"
            },
            {
              "name": "DSA-444",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-444"
            },
            {
              "name": "RHSA-2004:066",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-066.html"
            },
            {
              "name": "2004-0008",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=107755871932680\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:825",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825"
            },
            {
              "name": "DSA-453",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-453"
            },
            {
              "name": "3986",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/3986"
            },
            {
              "name": "VU#981222",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/981222"
            },
            {
              "name": "DSA-466",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-466"
            },
            {
              "name": "2004-0007",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=107712137732553\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0077",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2004-01-19T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0700 (GCVE-0-2003-0700)

Vulnerability from nvd – Published: 2004-01-22 05:00 – Updated: 2024-08-08 02:05
VLAI?
Summary
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:11.330Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2003:238",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
          },
          {
            "name": "RHSA-2004:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-044.html"
          },
          {
            "name": "oval:org.mitre.oval:def:401",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-08-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2003:238",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
        },
        {
          "name": "RHSA-2004:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-044.html"
        },
        {
          "name": "oval:org.mitre.oval:def:401",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0700",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2003:238",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
            },
            {
              "name": "RHSA-2004:044",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-044.html"
            },
            {
              "name": "oval:org.mitre.oval:def:401",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0700",
    "datePublished": "2004-01-22T05:00:00",
    "dateReserved": "2003-08-20T00:00:00",
    "dateUpdated": "2024-08-08T02:05:11.330Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10142 (GCVE-0-2019-10142)

Vulnerability from cvelistv5 – Published: 2019-07-30 16:26 – Updated: 2024-08-04 22:10
VLAI?
Summary
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects.
Severity ?
7.1 (High)
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
RedHat kernel Affected: 5.0.x up to, excluding 5.0.17
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:10.016Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10142"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "RedHat",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.x up to, excluding 5.0.17"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel\u0027s freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-30T16:26:31",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10142"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10142",
    "datePublished": "2019-07-30T16:26:31",
    "dateReserved": "2019-03-27T00:00:00",
    "dateUpdated": "2024-08-04T22:10:10.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0077 (GCVE-0-2004-0077)

Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:01
VLAI?
Summary
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.slackware.com/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
http://www.debian.org/security/2004/dsa-450 vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-440 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-069.html vendor-advisoryx_refsource_REDHAT
http://www.ciac.org/ciac/bulletins/o-082.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
http://fedoranews.org/updates/FEDORA-2004-079.shtml vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2004/dsa-439 vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-475 vendor-advisoryx_refsource_DEBIAN
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2004-106.html vendor-advisoryx_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.debian.org/security/2004/dsa-442 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-065.html vendor-advisoryx_refsource_REDHAT
http://www.debian.org/security/2004/dsa-470 vendor-advisoryx_refsource_DEBIAN
http://frontal2.mandriva.com/security/advisories?… vendor-advisoryx_refsource_MANDRAKE
http://www.securityfocus.com/bid/9686 vdb-entryx_refsource_BID
http://www.debian.org/security/2004/dsa-438 vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-514 vendor-advisoryx_refsource_DEBIAN
http://isec.pl/vulnerabilities/isec-0014-mremap-u… x_refsource_MISC
http://www.debian.org/security/2004/dsa-456 vendor-advisoryx_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://security.gentoo.org/glsa/glsa-200403-02.xml vendor-advisoryx_refsource_GENTOO
http://www.debian.org/security/2004/dsa-441 vendor-advisoryx_refsource_DEBIAN
http://archives.neohapsis.com/archives/vulnwatch/… mailing-listx_refsource_VULNWATCH
http://www.debian.org/security/2004/dsa-454 vendor-advisoryx_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=107711762014175&w=2 mailing-listx_refsource_BUGTRAQ
http://www.debian.org/security/2004/dsa-444 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-066.html vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=107755871932680&w=2 vendor-advisoryx_refsource_TRUSTIX
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.debian.org/security/2004/dsa-453 vendor-advisoryx_refsource_DEBIAN
http://www.osvdb.org/3986 vdb-entryx_refsource_OSVDB
http://www.kb.cert.org/vuls/id/981222 third-party-advisoryx_refsource_CERT-VN
http://www.debian.org/security/2004/dsa-466 vendor-advisoryx_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=107712137732553&w=2 vendor-advisoryx_refsource_TRUSTIX
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.757Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSA:2004-049",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
          },
          {
            "name": "DSA-450",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-450"
          },
          {
            "name": "DSA-440",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-440"
          },
          {
            "name": "RHSA-2004:069",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-069.html"
          },
          {
            "name": "O-082",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/o-082.shtml"
          },
          {
            "name": "FEDORA-2004-079",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA-2004-079.shtml"
          },
          {
            "name": "DSA-439",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-439"
          },
          {
            "name": "DSA-475",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-475"
          },
          {
            "name": "CLA-2004:820",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000820"
          },
          {
            "name": "RHSA-2004:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-106.html"
          },
          {
            "name": "SuSE-SA:2004:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html"
          },
          {
            "name": "DSA-442",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-442"
          },
          {
            "name": "RHSA-2004:065",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-065.html"
          },
          {
            "name": "DSA-470",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-470"
          },
          {
            "name": "MDKSA-2004:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015"
          },
          {
            "name": "9686",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9686"
          },
          {
            "name": "DSA-438",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-438"
          },
          {
            "name": "DSA-514",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-514"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
          },
          {
            "name": "DSA-456",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-456"
          },
          {
            "name": "oval:org.mitre.oval:def:837",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837"
          },
          {
            "name": "GLSA-200403-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200403-02.xml"
          },
          {
            "name": "DSA-441",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-441"
          },
          {
            "name": "20040218 Second critical mremap() bug found in all Linux kernels",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html"
          },
          {
            "name": "DSA-454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-454"
          },
          {
            "name": "linux-mremap-gain-privileges(15244)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15244"
          },
          {
            "name": "20040218 Second critical mremap() bug found in all Linux kernels",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107711762014175\u0026w=2"
          },
          {
            "name": "DSA-444",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-444"
          },
          {
            "name": "RHSA-2004:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-066.html"
          },
          {
            "name": "2004-0008",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107755871932680\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:825",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825"
          },
          {
            "name": "DSA-453",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-453"
          },
          {
            "name": "3986",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/3986"
          },
          {
            "name": "VU#981222",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/981222"
          },
          {
            "name": "DSA-466",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-466"
          },
          {
            "name": "2004-0007",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107712137732553\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-17T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SSA:2004-049",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
        },
        {
          "name": "DSA-450",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-450"
        },
        {
          "name": "DSA-440",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-440"
        },
        {
          "name": "RHSA-2004:069",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-069.html"
        },
        {
          "name": "O-082",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/o-082.shtml"
        },
        {
          "name": "FEDORA-2004-079",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA-2004-079.shtml"
        },
        {
          "name": "DSA-439",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-439"
        },
        {
          "name": "DSA-475",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-475"
        },
        {
          "name": "CLA-2004:820",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000820"
        },
        {
          "name": "RHSA-2004:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-106.html"
        },
        {
          "name": "SuSE-SA:2004:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html"
        },
        {
          "name": "DSA-442",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-442"
        },
        {
          "name": "RHSA-2004:065",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-065.html"
        },
        {
          "name": "DSA-470",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-470"
        },
        {
          "name": "MDKSA-2004:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015"
        },
        {
          "name": "9686",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9686"
        },
        {
          "name": "DSA-438",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-438"
        },
        {
          "name": "DSA-514",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-514"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
        },
        {
          "name": "DSA-456",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-456"
        },
        {
          "name": "oval:org.mitre.oval:def:837",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837"
        },
        {
          "name": "GLSA-200403-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200403-02.xml"
        },
        {
          "name": "DSA-441",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-441"
        },
        {
          "name": "20040218 Second critical mremap() bug found in all Linux kernels",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html"
        },
        {
          "name": "DSA-454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-454"
        },
        {
          "name": "linux-mremap-gain-privileges(15244)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15244"
        },
        {
          "name": "20040218 Second critical mremap() bug found in all Linux kernels",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107711762014175\u0026w=2"
        },
        {
          "name": "DSA-444",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-444"
        },
        {
          "name": "RHSA-2004:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-066.html"
        },
        {
          "name": "2004-0008",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107755871932680\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:825",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825"
        },
        {
          "name": "DSA-453",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-453"
        },
        {
          "name": "3986",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/3986"
        },
        {
          "name": "VU#981222",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/981222"
        },
        {
          "name": "DSA-466",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-466"
        },
        {
          "name": "2004-0007",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107712137732553\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0077",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SSA:2004-049",
              "refsource": "SLACKWARE",
              "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734"
            },
            {
              "name": "DSA-450",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-450"
            },
            {
              "name": "DSA-440",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-440"
            },
            {
              "name": "RHSA-2004:069",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-069.html"
            },
            {
              "name": "O-082",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/o-082.shtml"
            },
            {
              "name": "FEDORA-2004-079",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA-2004-079.shtml"
            },
            {
              "name": "DSA-439",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-439"
            },
            {
              "name": "DSA-475",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-475"
            },
            {
              "name": "CLA-2004:820",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000820"
            },
            {
              "name": "RHSA-2004:106",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-106.html"
            },
            {
              "name": "SuSE-SA:2004:005",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html"
            },
            {
              "name": "DSA-442",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-442"
            },
            {
              "name": "RHSA-2004:065",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-065.html"
            },
            {
              "name": "DSA-470",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-470"
            },
            {
              "name": "MDKSA-2004:015",
              "refsource": "MANDRAKE",
              "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015"
            },
            {
              "name": "9686",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9686"
            },
            {
              "name": "DSA-438",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-438"
            },
            {
              "name": "DSA-514",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-514"
            },
            {
              "name": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt",
              "refsource": "MISC",
              "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
            },
            {
              "name": "DSA-456",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-456"
            },
            {
              "name": "oval:org.mitre.oval:def:837",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A837"
            },
            {
              "name": "GLSA-200403-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200403-02.xml"
            },
            {
              "name": "DSA-441",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-441"
            },
            {
              "name": "20040218 Second critical mremap() bug found in all Linux kernels",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html"
            },
            {
              "name": "DSA-454",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-454"
            },
            {
              "name": "linux-mremap-gain-privileges(15244)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15244"
            },
            {
              "name": "20040218 Second critical mremap() bug found in all Linux kernels",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107711762014175\u0026w=2"
            },
            {
              "name": "DSA-444",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-444"
            },
            {
              "name": "RHSA-2004:066",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-066.html"
            },
            {
              "name": "2004-0008",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=107755871932680\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:825",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A825"
            },
            {
              "name": "DSA-453",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-453"
            },
            {
              "name": "3986",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/3986"
            },
            {
              "name": "VU#981222",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/981222"
            },
            {
              "name": "DSA-466",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-466"
            },
            {
              "name": "2004-0007",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=107712137732553\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0077",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2004-01-19T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0619 (GCVE-0-2004-0619)

Vulnerability from cvelistv5 – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://marc.info/?l=bugtraq&m=108802653409053&w=2 mailing-listx_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2005-283.html vendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2004-549.html vendor-advisoryx_refsource_REDHAT
http://www.ciac.org/ciac/bulletins/p-047.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
http://www.securityfocus.com/bid/10599 vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/11936 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.849Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
          },
          {
            "name": "RHSA-2005:283",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
          },
          {
            "name": "RHSA-2004:549",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
          },
          {
            "name": "P-047",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
          },
          {
            "name": "10599",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10599"
          },
          {
            "name": "oval:org.mitre.oval:def:9773",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
          },
          {
            "name": "11936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11936"
          },
          {
            "name": "bcm5820-adddsabufbytes-integer-bo(16459)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
        },
        {
          "name": "RHSA-2005:283",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
        },
        {
          "name": "RHSA-2004:549",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
        },
        {
          "name": "P-047",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
        },
        {
          "name": "10599",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10599"
        },
        {
          "name": "oval:org.mitre.oval:def:9773",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
        },
        {
          "name": "11936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11936"
        },
        {
          "name": "bcm5820-adddsabufbytes-integer-bo(16459)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0619",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
            },
            {
              "name": "RHSA-2005:283",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
            },
            {
              "name": "RHSA-2004:549",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
            },
            {
              "name": "P-047",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
            },
            {
              "name": "10599",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10599"
            },
            {
              "name": "oval:org.mitre.oval:def:9773",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
            },
            {
              "name": "11936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11936"
            },
            {
              "name": "bcm5820-adddsabufbytes-integer-bo(16459)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0619",
    "datePublished": "2004-06-30T04:00:00",
    "dateReserved": "2004-06-29T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.849Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0700 (GCVE-0-2003-0700)

Vulnerability from cvelistv5 – Published: 2004-01-22 05:00 – Updated: 2024-08-08 02:05
VLAI?
Summary
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:11.330Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2003:238",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
          },
          {
            "name": "RHSA-2004:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-044.html"
          },
          {
            "name": "oval:org.mitre.oval:def:401",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-08-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2003:238",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
        },
        {
          "name": "RHSA-2004:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-044.html"
        },
        {
          "name": "oval:org.mitre.oval:def:401",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0700",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2003:238",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
            },
            {
              "name": "RHSA-2004:044",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-044.html"
            },
            {
              "name": "oval:org.mitre.oval:def:401",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0700",
    "datePublished": "2004-01-22T05:00:00",
    "dateReserved": "2003-08-20T00:00:00",
    "dateUpdated": "2024-08-08T02:05:11.330Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}