Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Производитель ПО
Наименование ПО
Enterprise Linux AS
(4.0 Advanced Server)
Enterprise Linux WS
(4.0 Workstation)
Linux Kernel
(Unknown)
Описание
A local overflow exists in the kernel of Red Hat Enterprise Linux. The 'rw_vm()' function in 'usercopy.c' fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause the kernel to crash resulting in a loss of availability.
Как исправить
Currently, there are no known workarounds or upgrades to correct this issue. However, Red Hat has released a patch to address this vulnerability.
Ссылки
REDHAT (Bugzilla Bug 165547 in “ CAN-2005-2100 4G/4G split bounds checking): https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165547
REDHAT (RHSA-2005:514): http://www.redhat.com/support/errata/RHSA-2005-514.html
REDHAT (RHSA-2005:514): http://www.redhat.com/support/errata/RHSA-2005-514.html