Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:
CVE Vulnerabilities
39671
Checklists
129
US-CERT Alerts
187
US-CERT Vuln Notes
2351
OVAL Queries
2517
CPE Names
17905

Last updated: Sun Nov 22 09:44:02 EST 2009

CVE Publication rate: 9.9

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index

Vulnerability Workload Index: 5.4

About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

National Cyber-Alert System

Vulnerability Summary for CVE-2004-0077

Original release date:03/03/2004
Last revised:09/05/2008
Source: US-CERT/NIST

Overview

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:7.2 (HIGH) (AV:L/AC:L/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore: 10.0
Exploitability Subscore: 3.9
CVSS Version 2 Metrics:
Access Vector: Locally exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type:Provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#981222
Name: VU#981222
Hyperlink:http://www.kb.cert.org/vuls/id/981222
External Source: BID
Name: 9686
Type: Advisory; Patch Information
Hyperlink:http://www.securityfocus.com/bid/9686
External Source: DEBIAN
Name: DSA-439
Type: Advisory; Patch Information
Hyperlink:http://www.debian.org/security/2004/dsa-439
External Source: GENTOO
Name: GLSA-200403-02
Type: Advisory; Patch Information
Hyperlink:http://security.gentoo.org/glsa/glsa-200403-02.xml
External Source: XF
Name: linux-mremap-gain-privileges(15244)
Type: Advisory
Hyperlink:http://xforce.iss.net/xforce/xfdb/15244
External Source: BUGTRAQ
Name: 20040218 Second critical mremap() bug found in all Linux kernels
Type: Advisory
Hyperlink:http://marc.theaimsgroup.com/?l=bugtraq&m=107711762014175&w=2
External Source: MISC
Name: http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
Hyperlink:http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
External Source: SLACKWARE
Name: SSA:2004-049
Hyperlink:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
External Source: REDHAT
Name: RHSA-2004:106
Hyperlink:http://www.redhat.com/support/errata/RHSA-2004-106.html
External Source: REDHAT
Name: RHSA-2004:069
Hyperlink:http://www.redhat.com/support/errata/RHSA-2004-069.html
External Source: REDHAT
Name: RHSA-2004:066
Hyperlink:http://www.redhat.com/support/errata/RHSA-2004-066.html
External Source: REDHAT
Name: RHSA-2004:065
Hyperlink:http://www.redhat.com/support/errata/RHSA-2004-065.html
External Source: OSVDB
Name: 3986
Hyperlink:http://www.osvdb.org/3986
External Source: SUSE
Name: SuSE-SA:2004:005
Hyperlink:http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
External Source: DEBIAN
Name: DSA-514
Hyperlink:http://www.debian.org/security/2004/dsa-514
External Source: DEBIAN
Name: DSA-475
Hyperlink:http://www.debian.org/security/2004/dsa-475
External Source: DEBIAN
Name: DSA-470
Hyperlink:http://www.debian.org/security/2004/dsa-470
External Source: DEBIAN
Name: DSA-466
Hyperlink:http://www.debian.org/security/2004/dsa-466
External Source: DEBIAN
Name: DSA-456
Hyperlink:http://www.debian.org/security/2004/dsa-456
External Source: DEBIAN
Name: DSA-454
Hyperlink:http://www.debian.org/security/2004/dsa-454
External Source: DEBIAN
Name: DSA-453
Hyperlink:http://www.debian.org/security/2004/dsa-453
External Source: DEBIAN
Name: DSA-450
Hyperlink:http://www.debian.org/security/2004/dsa-450
External Source: DEBIAN
Name: DSA-444
Hyperlink:http://www.debian.org/security/2004/dsa-444
External Source: DEBIAN
Name: DSA-442
Hyperlink:http://www.debian.org/security/2004/dsa-442
External Source: DEBIAN
Name: DSA-441
Hyperlink:http://www.debian.org/security/2004/dsa-441
External Source: DEBIAN
Name: DSA-440
Hyperlink:http://www.debian.org/security/2004/dsa-440
External Source: DEBIAN
Name: DSA-438
Hyperlink:http://www.debian.org/security/2004/dsa-438
External Source: CIAC
Name: O-082
Hyperlink:http://www.ciac.org/ciac/bulletins/o-082.shtml
External Source: TRUSTIX
Name: 2004-0008
Hyperlink:http://marc.theaimsgroup.com/?l=bugtraq&m=107755871932680&w=2
External Source: TRUSTIX
Name: 2004-0007
Hyperlink:http://marc.theaimsgroup.com/?l=bugtraq&m=107712137732553&w=2
External Source: MANDRAKE
Name: MDKSA-2004:015
Hyperlink:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015
External Source: FEDORA
Name: FEDORA-2004-079
Hyperlink:http://fedoranews.org/updates/FEDORA-2004-079.shtml
External Source: CONECTIVA
Name: CLA-2004:820
Hyperlink:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820
External Source: VULNWATCH
Name: 20040218 Second critical mremap() bug found in all Linux kernels
Hyperlink:http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html
US Government Resource: oval:org.mitre.oval:def:837
Name: oval:org.mitre.oval:def:837
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:837
US Government Resource: oval:org.mitre.oval:def:825
Name: oval:org.mitre.oval:def:825
Type: Tool Signature
Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:825

Vulnerable software and versions

Nav control imageConfiguration 1
line trunkNav control imageOR
line trunkspacerNav control image* cpe:/a:redhat:bigmem_kernel:2.4.20-8::i686
line trunkspacerNav control image* cpe:/a:redhat:kernel:2.4.20-8::athlon_smp
line trunkspacerNav control image* cpe:/a:redhat:kernel:2.4.20-8::i386
line trunkspacerNav control image* cpe:/a:redhat:kernel:2.4.20-8::i686_smp
line trunkspacerNav control image* cpe:/a:redhat:kernel_doc:2.4.20-8::i386
Nav control imageConfiguration 2
spacerNav control imageAND
spacerspacerNav control imageOR
spacerspacerline trunkNav control image* cpe:/a:redhat:kernel_source:2.4.20-8::i386_src
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.0
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.10
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.11
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.12
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.13
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.14
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.15
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.15:pre16
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.15_pre20
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.16
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.16:pre6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.17
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.18
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.19
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.20
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.21
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.22
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.23
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.24
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.3
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.5
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.7
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.8
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.2.9
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test10
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test11
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test12
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test3
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test5
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test7
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test8
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.0:test9
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.10
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.11
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.12
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.13
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.14
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.15
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.16
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.17
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18::x86
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre3
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre5
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre7
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.18:pre8
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19:pre1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19:pre2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19:pre3
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19:pre4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19:pre5
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.19:pre6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.20
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.21
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.21:pre1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.21:pre4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.21:pre7
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.22
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.23
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.23:pre9
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.24
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.3
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.5
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.7
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.8
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.4.9
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test10
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test11
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test3
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test4
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test5
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test6
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test7
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test8
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.0:test9
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.1:rc1
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.1:rc2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6.2
spacerspacerline trunkNav control image* cpe:/o:linux:linux_kernel:2.6_test9_cvs
spacerspacerline trunkNav control image* cpe:/o:netwosix:netwosix_linux:1.0
spacerspacerline trunkNav control image* cpe:/o:trustix:secure_linux:1.5
spacerspacerline trunkNav control image* cpe:/o:trustix:secure_linux:2.0
spacerspacerNav control imageOR
spacerspacerspacerNav control image* cpe:/a:redhat:kernel:2.4.20-8::athlon
spacerspacerspacerNav control image* cpe:/a:redhat:kernel:2.4.20-8::i386
spacerspacerspacerNav control image* cpe:/a:redhat:kernel:2.4.20-8::i686
* Denotes Vulnerable Software
* Changes related to vulnerability configurations

Technical Details

Vulnerability Type (View All)
CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0077