Ultra Monkey: Kernel Security Bug Database: CAN-2004-0077

Ultra Monkey: High Availability and Load Balancing Solution for Linux

Ultra Monkey: Kernel Security Bug Database

CAN-2004-0077

prev up next
CVE CAN-2004-0077[offsite]
Updated Tue, 06 Jul 2004 14:08:10 +0900
Summary The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. (text:CAN-2004-0077)
Priority High
Status Closed
Source RHSA-2004:065-03 RHSA-2004:066-09 DSA-438-1 FEDORA-2004-079 FEDORA-2004-080
Link Ultra Monkey News 2004-02-20-00 Ultra Monkey News 2004-06-26-01
Resolved In
  Kernel 2.4.26-pre3
  Patch Change Set 1.1302.39.4[offsite]
  Red Hat Linux 7.3
          Vendor None
          UltraMonkey kernel-2.4.20-28.7.3.um.2
  Red Hat Linux 8.0
          Vendor None
          UltraMonkey kernel-2.4.20-28.8.um.2
  Red Hat Linux 9
          Vendor kernel-2.4.20-30.9
          UltraMonkey kernel-2.4.20-30.9.um.1
  Fedora Core 1
          Vendor kernel-1.2173.nptl, 1.2174.nptl
          UltraMonkey kernel-2.4.22-1.2174.nptl.um.1
  Red Hat Enterprise Linux 3
          Vendor kernel-2.4.21-9.0.1.EL
          UltraMonkey kernel-2.4.21-9.0.1.EL.um.1
  Debian Woody
          Vendor kernel-source-2.4.18_2.4.18-14.2
          UltraMonkey kernel-source-2.4.22-1-ipvs_2.4.22-5woody.um.4
  Debian Sid
          Vendor kernel-source-2.4.24_2.4.24-3
          UltraMonkey kernel-source-2.4.22-1-ipvs_2.4.22-5.um.4
local data for debugging.
Information provided here is based on the information from the links above and is intended as a refereance only.

Copyright © 2000-2005, Horms
Last Updated: Sat, 04 Mar 2006 02:34:00 -0500

Debian is a registered trademark of Software in the Public Interest, Inc.
Red Hat, the Red Hat Shadowman logo and Fedora are registered trademarks of Red Hat, Inc.
Red Hat may also be refered to as RedHat on this site.
Linux is a registered trademark of Linus Torvalds.
All other trademarks are the property of their respective owners.

prev up next
CVE	CAN-2004-0077[offsite]
Updated	Tue, 06 Jul 2004 14:08:10 +0900
Summary	The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. (text:CAN-2004-0077)
Priority	High
Status	Closed
Source	RHSA-2004:065-03 RHSA-2004:066-09 DSA-438-1 FEDORA-2004-079 FEDORA-2004-080
Link	Ultra Monkey News 2004-02-20-00 Ultra Monkey News 2004-06-26-01
Resolved In
Kernel	2.4.26-pre3
Patch	Change Set 1.1302.39.4[offsite]
Red Hat Linux 7.3
Vendor	None
UltraMonkey	kernel-2.4.20-28.7.3.um.2
Red Hat Linux 8.0
Vendor	None
UltraMonkey	kernel-2.4.20-28.8.um.2
Red Hat Linux 9
Vendor	kernel-2.4.20-30.9
UltraMonkey	kernel-2.4.20-30.9.um.1
Fedora Core 1
Vendor	kernel-1.2173.nptl, 1.2174.nptl
UltraMonkey	kernel-2.4.22-1.2174.nptl.um.1
Red Hat Enterprise Linux 3
Vendor	kernel-2.4.21-9.0.1.EL
UltraMonkey	kernel-2.4.21-9.0.1.EL.um.1
Debian Woody
Vendor	kernel-source-2.4.18_2.4.18-14.2
UltraMonkey	kernel-source-2.4.22-1-ipvs_2.4.22-5woody.um.4
Debian Sid
Vendor	kernel-source-2.4.24_2.4.24-3
UltraMonkey	kernel-source-2.4.22-1-ipvs_2.4.22-5.um.4
local data for debugging.
Information provided here is based on the information from the links above and is intended as a refereance only.