Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Производитель ПО
Наименование ПО
Linux Kernel
(Unknown)
Описание
Как исправить
Ссылки
Red Hat (Updated kernel resolves security vulnerability): http://www.redhat.com/support/errata/RHSA-2003-417.html
LinuxSecurity.com (bug and security fixes): http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html
The Aims Group (Linux kernel mremap vulnerability): http://marc.theaimsgroup.com/?l=bugtraq&m=107332782121916&w=2
Security Focus (bid 9356): http://www.securityfocus.com/bid/9356
ISS X-Force (Linux kernel do_mremap allows elevated privileges): http://xforce.iss.net/xforce/xfdb/14135
MISC (http://isec.pl/vulnerabilities/isec-0013-mremap.txt): http://isec.pl/vulnerabilities/isec-0013-mremap.txt
BUGTRAQ (20040105 Linux kernel do_mremap() proof-of-concept exploit code): http://marc.theaimsgroup.com/?l=bugtraq&m=107340358402129&w=2
BUGTRAQ (20040106 Linux mremap bug correction): http://marc.theaimsgroup.com/?l=bugtraq&m=107340814409017&w=2
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0
http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap
DEBIAN (DSA-423): http://www.debian.org/security/2004/dsa-423
DEBIAN (DSA-450): http://www.debian.org/security/2004/dsa-450
DEBIAN (DSA-1070): http://www.debian.org/security/2006/dsa-1070
DEBIAN (DSA-1067): http://www.debian.org/security/2006/dsa-1067
DEBIAN (DSA-1069): http://www.debian.org/security/2006/dsa-1069
DEBIAN (DSA-1082): http://www.debian.org/security/2006/dsa-1082
DEBIAN (DSA-413): http://www.debian.org/security/2004/dsa-413
DEBIAN (DSA-417): http://www.debian.org/security/2004/dsa-417
DEBIAN (DSA-427): http://www.debian.org/security/2004/dsa-427
DEBIAN (DSA-439): http://www.debian.org/security/2004/dsa-439
DEBIAN (DSA-440): http://www.debian.org/security/2004/dsa-440
DEBIAN (DSA-442): http://www.debian.org/security/2004/dsa-442
DEBIAN (DSA-470): http://www.debian.org/security/2004/dsa-470
DEBIAN (DSA-475): http://www.debian.org/security/2004/dsa-475
SUSE (SuSE-SA:2004:003): http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html
CONECTIVA (CLA-2004:799): http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799
REDHAT (RHSA-2003:416): http://www.redhat.com/support/errata/RHSA-2003-416.html
REDHAT (RHSA-2003:418): http://www.redhat.com/support/errata/RHSA-2003-418.html
REDHAT (RHSA-2003:419): http://www.redhat.com/support/errata/RHSA-2003-419.html
IMMUNIX (IMNX-2004-73-001-01): http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01
MANDRAKE (MDKSA-2004:001): http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001
SGI (20040102-01-U): ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U
TRUSTIX (2004-0001): http://marc.theaimsgroup.com/?l=bugtraq&m=107332754521495&w=2
BUGTRAQ (20040107 [slackware-security] Kernel security update (SSA:2004-006-01)): http://marc.theaimsgroup.com/?l=bugtraq&m=107350348418373&w=2
BUGTRAQ (20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)): http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html
BUGTRAQ (20040112 SmoothWall Project Security Advisory SWP-2004:001): http://marc.theaimsgroup.com/?l=bugtraq&m=107394143105081&w=2
CERT-VN (VU#490620): http://www.kb.cert.org/vuls/id/490620
CIAC (O-045): http://www.ciac.org/ciac/bulletins/o-045.shtml
OSVDB (3315): http://www.osvdb.org/3315
OVAL (oval:org.mitre.oval:def:860): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:860
OVAL (oval:org.mitre.oval:def:867): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:867
LinuxSecurity.com (bug and security fixes): http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html
The Aims Group (Linux kernel mremap vulnerability): http://marc.theaimsgroup.com/?l=bugtraq&m=107332782121916&w=2
Security Focus (bid 9356): http://www.securityfocus.com/bid/9356
ISS X-Force (Linux kernel do_mremap allows elevated privileges): http://xforce.iss.net/xforce/xfdb/14135
MISC (http://isec.pl/vulnerabilities/isec-0013-mremap.txt): http://isec.pl/vulnerabilities/isec-0013-mremap.txt
BUGTRAQ (20040105 Linux kernel do_mremap() proof-of-concept exploit code): http://marc.theaimsgroup.com/?l=bugtraq&m=107340358402129&w=2
BUGTRAQ (20040106 Linux mremap bug correction): http://marc.theaimsgroup.com/?l=bugtraq&m=107340814409017&w=2
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0
http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap
DEBIAN (DSA-423): http://www.debian.org/security/2004/dsa-423
DEBIAN (DSA-450): http://www.debian.org/security/2004/dsa-450
DEBIAN (DSA-1070): http://www.debian.org/security/2006/dsa-1070
DEBIAN (DSA-1067): http://www.debian.org/security/2006/dsa-1067
DEBIAN (DSA-1069): http://www.debian.org/security/2006/dsa-1069
DEBIAN (DSA-1082): http://www.debian.org/security/2006/dsa-1082
DEBIAN (DSA-413): http://www.debian.org/security/2004/dsa-413
DEBIAN (DSA-417): http://www.debian.org/security/2004/dsa-417
DEBIAN (DSA-427): http://www.debian.org/security/2004/dsa-427
DEBIAN (DSA-439): http://www.debian.org/security/2004/dsa-439
DEBIAN (DSA-440): http://www.debian.org/security/2004/dsa-440
DEBIAN (DSA-442): http://www.debian.org/security/2004/dsa-442
DEBIAN (DSA-470): http://www.debian.org/security/2004/dsa-470
DEBIAN (DSA-475): http://www.debian.org/security/2004/dsa-475
SUSE (SuSE-SA:2004:003): http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html
CONECTIVA (CLA-2004:799): http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799
REDHAT (RHSA-2003:416): http://www.redhat.com/support/errata/RHSA-2003-416.html
REDHAT (RHSA-2003:418): http://www.redhat.com/support/errata/RHSA-2003-418.html
REDHAT (RHSA-2003:419): http://www.redhat.com/support/errata/RHSA-2003-419.html
IMMUNIX (IMNX-2004-73-001-01): http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01
MANDRAKE (MDKSA-2004:001): http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001
SGI (20040102-01-U): ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U
TRUSTIX (2004-0001): http://marc.theaimsgroup.com/?l=bugtraq&m=107332754521495&w=2
BUGTRAQ (20040107 [slackware-security] Kernel security update (SSA:2004-006-01)): http://marc.theaimsgroup.com/?l=bugtraq&m=107350348418373&w=2
BUGTRAQ (20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)): http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html
BUGTRAQ (20040112 SmoothWall Project Security Advisory SWP-2004:001): http://marc.theaimsgroup.com/?l=bugtraq&m=107394143105081&w=2
CERT-VN (VU#490620): http://www.kb.cert.org/vuls/id/490620
CIAC (O-045): http://www.ciac.org/ciac/bulletins/o-045.shtml
OSVDB (3315): http://www.osvdb.org/3315
OVAL (oval:org.mitre.oval:def:860): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:860
OVAL (oval:org.mitre.oval:def:867): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:867