CVE-2004-0491

Sažetak

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
http://marc.info/?l=linux-kernel&m=108087017610947&w=2
http://secunia.com/advisories/19607
http://www.redhat.com/support/errata/RHSA-2005-472.html
http://www.securityfocus.com/bid/13769
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

11-10-2017 - 01:29

Objavljeno

31-12-2004 - 05:00