CVE: CAN-2003-0985
Updated: Tue, 06 Jul 2004 14:19:43 +0900
Summary: The mremap system call (do_mremap) in Linux kernel 2.4 and 2.6
	 does not properly perform bounds checks, which allows local users
	 to cause a denial of service and possibly gain privileges by
	 causing a remapping of a virtual memory area (VMA) to create a
	 zero length VMA, a different vulnerability than CAN-2004-0077.
	 (text:CAN-2003-0985)
Priority: High
Status: Closed
Source: RHSA-2003:416-09, RHSA-2003:417-08, RHSA-2003:419-06,
        FEDORA-2003-046, DSA-413-1
Link:  http://www.ultramonkey.org/news_archive.shtml#2004010800
       http://www.ultramonkey.org/news_archive.shtml#2004010801
Resolved In:
  Kernel: 2.4.24-rc1
  Patch:  http://linux.bkbits.net:8080/linux-2.4/cset@1.1136.94.4??nav=index.html
  Red Hat Linux 7.3:
          Vendor:      kernel-2.4.20-28.7
          UltraMonkey: kernel-2.4.20-28.7.um.1
  Red Hat Linux 8.0:
          Vendor:      kernel-2.4.20-28.8
          UltraMonkey: kernel-2.4.20-28.8.um.1
  Red Hat Linux 9:
          Vendor:      kernel-2.4.20-28.9
          UltraMonkey: kernel-2.4.20-28.9.um.1
  Fedora Core 1:
          Vendor:      kernel-2.4.22-1.2138.nptl
          UltraMonkey: kernel-2.4.22-1.2149.nptl.um.2 (initial release)
  Red Hat Enterprise Linux 3:
          Vendor:      kernel-2.4.21-4.0.2.EL
          UltraMonkey: kernel-2.4.21-9.EL.um.2 (initial release)
  Debian Woody:
          Vendor:      kernel-source-2.4.18_2.4.18-14.1
          UltraMonkey: kernel-source-2.4.22-1-ipvs_2.4.22-5woody.um.2
  Debian Sid:
          Vendor:      kernel-source-2.4.22-5
          UltraMonkey: kernel-source-2.4.22-1-ipvs_2.4.22-5.um.2