Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Производитель ПО
Наименование ПО
Linux Kernel
(Unknown)
Secure Linux
(1.5, 2.0)
Описание
Как исправить
Ссылки
MISC (http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt): http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
The Aims Group (Second critical mremap() bug found in all Linux, kernel,s): http://marc.theaimsgroup.com/?l=bugtraq&m=107711762014175&w=2
Debian (linux-kernel-2.4.16-arm -- several vulnerabilities): http://www.debian.org/security/2004/dsa-439
ISS X-Force (Linux kernel do_mremap allows elevated privileges): http://xforce.iss.net/xforce/xfdb/15244
Security Focus (bid 9686): http://www.securityfocus.com/bid/9686
Gentoo (Linux kernel do_mremap local privilege escalation vulnerability): http://security.gentoo.org/glsa/glsa-200403-02.xml
VULNWATCH (20040218 Second critical mremap() bug found in all Linux kernels): http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html
CONECTIVA (CLA-2004:820): http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820
DEBIAN (DSA-438): http://www.debian.org/security/2004/dsa-438
DEBIAN (DSA-440): http://www.debian.org/security/2004/dsa-440
DEBIAN (DSA-441): http://www.debian.org/security/2004/dsa-441
DEBIAN (DSA-442): http://www.debian.org/security/2004/dsa-442
DEBIAN (DSA-444): http://www.debian.org/security/2004/dsa-444
DEBIAN (DSA-450): http://www.debian.org/security/2004/dsa-450
DEBIAN (DSA-453): http://www.debian.org/security/2004/dsa-453
DEBIAN (DSA-454): http://www.debian.org/security/2004/dsa-454
DEBIAN (DSA-456): http://www.debian.org/security/2004/dsa-456
DEBIAN (DSA-466): http://www.debian.org/security/2004/dsa-466
DEBIAN (DSA-470): http://www.debian.org/security/2004/dsa-470
DEBIAN (DSA-514): http://www.debian.org/security/2004/dsa-514
DEBIAN (DSA-475): http://www.debian.org/security/2004/dsa-475
FEDORA (FEDORA-2004-079): http://fedoranews.org/updates/FEDORA-2004-079.shtml
MANDRAKE (MDKSA-2004:015): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015
REDHAT (RHSA-2004:065): http://www.redhat.com/support/errata/RHSA-2004-065.html
REDHAT (RHSA-2004:066): http://www.redhat.com/support/errata/RHSA-2004-066.html
REDHAT (RHSA-2004:069): http://www.redhat.com/support/errata/RHSA-2004-069.html
REDHAT (RHSA-2004:106): http://www.redhat.com/support/errata/RHSA-2004-106.html
SLACKWARE (SSA:2004-049): http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
SUSE (SuSE-SA:2004:005): http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
TRUSTIX (2004-0007): http://marc.theaimsgroup.com/?l=bugtraq&m=107712137732553&w=2
TRUSTIX (2004-0008): http://marc.theaimsgroup.com/?l=bugtraq&m=107755871932680&w=2
CERT-VN (VU#981222): http://www.kb.cert.org/vuls/id/981222
CIAC (O-082): http://www.ciac.org/ciac/bulletins/o-082.shtml
OSVDB (3986): http://www.osvdb.org/3986
OVAL (oval:org.mitre.oval:def:825): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:825
OVAL (oval:org.mitre.oval:def:837): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:837
The Aims Group (Second critical mremap() bug found in all Linux, kernel,s): http://marc.theaimsgroup.com/?l=bugtraq&m=107711762014175&w=2
Debian (linux-kernel-2.4.16-arm -- several vulnerabilities): http://www.debian.org/security/2004/dsa-439
ISS X-Force (Linux kernel do_mremap allows elevated privileges): http://xforce.iss.net/xforce/xfdb/15244
Security Focus (bid 9686): http://www.securityfocus.com/bid/9686
Gentoo (Linux kernel do_mremap local privilege escalation vulnerability): http://security.gentoo.org/glsa/glsa-200403-02.xml
VULNWATCH (20040218 Second critical mremap() bug found in all Linux kernels): http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html
CONECTIVA (CLA-2004:820): http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820
DEBIAN (DSA-438): http://www.debian.org/security/2004/dsa-438
DEBIAN (DSA-440): http://www.debian.org/security/2004/dsa-440
DEBIAN (DSA-441): http://www.debian.org/security/2004/dsa-441
DEBIAN (DSA-442): http://www.debian.org/security/2004/dsa-442
DEBIAN (DSA-444): http://www.debian.org/security/2004/dsa-444
DEBIAN (DSA-450): http://www.debian.org/security/2004/dsa-450
DEBIAN (DSA-453): http://www.debian.org/security/2004/dsa-453
DEBIAN (DSA-454): http://www.debian.org/security/2004/dsa-454
DEBIAN (DSA-456): http://www.debian.org/security/2004/dsa-456
DEBIAN (DSA-466): http://www.debian.org/security/2004/dsa-466
DEBIAN (DSA-470): http://www.debian.org/security/2004/dsa-470
DEBIAN (DSA-514): http://www.debian.org/security/2004/dsa-514
DEBIAN (DSA-475): http://www.debian.org/security/2004/dsa-475
FEDORA (FEDORA-2004-079): http://fedoranews.org/updates/FEDORA-2004-079.shtml
MANDRAKE (MDKSA-2004:015): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015
REDHAT (RHSA-2004:065): http://www.redhat.com/support/errata/RHSA-2004-065.html
REDHAT (RHSA-2004:066): http://www.redhat.com/support/errata/RHSA-2004-066.html
REDHAT (RHSA-2004:069): http://www.redhat.com/support/errata/RHSA-2004-069.html
REDHAT (RHSA-2004:106): http://www.redhat.com/support/errata/RHSA-2004-106.html
SLACKWARE (SSA:2004-049): http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
SUSE (SuSE-SA:2004:005): http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
TRUSTIX (2004-0007): http://marc.theaimsgroup.com/?l=bugtraq&m=107712137732553&w=2
TRUSTIX (2004-0008): http://marc.theaimsgroup.com/?l=bugtraq&m=107755871932680&w=2
CERT-VN (VU#981222): http://www.kb.cert.org/vuls/id/981222
CIAC (O-082): http://www.ciac.org/ciac/bulletins/o-082.shtml
OSVDB (3986): http://www.osvdb.org/3986
OVAL (oval:org.mitre.oval:def:825): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:825
OVAL (oval:org.mitre.oval:def:837): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:837