CVE-2003-0985 (GCVE-0-2003-0985)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 02:12
Severity ?
CWE
  • n/a
Summary
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
References
http://secunia.com/advisories/20163 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1082 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-423 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2003-417.html vendor-advisory, x_refsource_REDHAT
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799 vendor-advisory, x_refsource_CONECTIVA
http://www.debian.org/security/2004/dsa-450 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-1070 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-440 vendor-advisory, x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=107394143105081&w=2 mailing-list, x_refsource_BUGTRAQ
http://www.debian.org/security/2004/dsa-439 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-1067 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-475 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2006/dsa-1069 vendor-advisory, x_refsource_DEBIAN
http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html vendor-advisory, x_refsource_ENGARDE
http://www.debian.org/security/2004/dsa-417 vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2004/dsa-442 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/20202 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2004/dsa-470 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/20338 third-party-advisory, x_refsource_SECUNIA
http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01 vendor-advisory, x_refsource_IMMUNIX
http://www.redhat.com/support/errata/RHSA-2003-416.html vendor-advisory, x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/14135 vdb-entry, x_refsource_XF
http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap x_refsource_CONFIRM
http://www.debian.org/security/2004/dsa-413 vendor-advisory, x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=107340358402129&w=2 mailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=107350348418373&w=2 mailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=107340814409017&w=2 mailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=107332754521495&w=2 vendor-advisory, x_refsource_TRUSTIX
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860 vdb-entry, signature, x_refsource_OVAL
http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html mailing-list, x_refsource_BUGTRAQ
http://www.osvdb.org/3315 vdb-entry, x_refsource_OSVDB
ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U vendor-advisory, x_refsource_SGI
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867 vdb-entry, signature, x_refsource_OVAL
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24 x_refsource_CONFIRM
http://www.securityfocus.com/bid/9356 vdb-entry, x_refsource_BID
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0 x_refsource_CONFIRM
http://isec.pl/vulnerabilities/isec-0013-mremap.txt x_refsource_MISC
http://marc.info/?l=bugtraq&m=107332782121916&w=2 mailing-list, x_refsource_BUGTRAQ
http://www.debian.org/security/2004/dsa-427 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2003-418.html vendor-advisory, x_refsource_REDHAT
http://www.ciac.org/ciac/bulletins/o-045.shtml third-party-advisory, government-resource, x_refsource_CIAC
http://www.redhat.com/support/errata/RHSA-2003-419.html vendor-advisory, x_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/10532 third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/490620 third-party-advisory, x_refsource_CERT-VN
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001 vendor-advisory, x_refsource_MANDRAKE
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.549Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20163",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20163"
          },
          {
            "name": "DSA-1082",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1082"
          },
          {
            "name": "DSA-423",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-423"
          },
          {
            "name": "RHSA-2003:417",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-417.html"
          },
          {
            "name": "CLA-2004:799",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000799"
          },
          {
            "name": "DSA-450",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-450"
          },
          {
            "name": "DSA-1070",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1070"
          },
          {
            "name": "DSA-440",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-440"
          },
          {
            "name": "20040112 SmoothWall Project Security Advisory SWP-2004:001",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107394143105081\u0026w=2"
          },
          {
            "name": "DSA-439",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-439"
          },
          {
            "name": "DSA-1067",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1067"
          },
          {
            "name": "DSA-475",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-475"
          },
          {
            "name": "DSA-1069",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1069"
          },
          {
            "name": "ESA-20040105-001",
            "tags": [
              "vendor-advisory",
              "x_refsource_ENGARDE",
              "x_transferred"
            ],
            "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html"
          },
          {
            "name": "DSA-417",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-417"
          },
          {
            "name": "DSA-442",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-442"
          },
          {
            "name": "20202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20202"
          },
          {
            "name": "DSA-470",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-470"
          },
          {
            "name": "20338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20338"
          },
          {
            "name": "IMNX-2004-73-001-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_IMMUNIX",
              "x_transferred"
            ],
            "url": "http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01"
          },
          {
            "name": "RHSA-2003:416",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-416.html"
          },
          {
            "name": "linux-domremap-gain-privileges(14135)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14135"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap"
          },
          {
            "name": "DSA-413",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-413"
          },
          {
            "name": "20040105 Linux kernel do_mremap() proof-of-concept exploit code",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107340358402129\u0026w=2"
          },
          {
            "name": "20040107 [slackware-security]  Kernel security update  (SSA:2004-006-01)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107350348418373\u0026w=2"
          },
          {
            "name": "20040106 Linux mremap bug correction",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107340814409017\u0026w=2"
          },
          {
            "name": "2004-0001",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107332754521495\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:860",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860"
          },
          {
            "name": "20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html"
          },
          {
            "name": "3315",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/3315"
          },
          {
            "name": "20040102-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U"
          },
          {
            "name": "oval:org.mitre.oval:def:867",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24"
          },
          {
            "name": "9356",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9356"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file\u0026rev=0\u0026sc=0"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isec.pl/vulnerabilities/isec-0013-mremap.txt"
          },
          {
            "name": "20040105 Linux kernel mremap vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107332782121916\u0026w=2"
          },
          {
            "name": "DSA-427",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-427"
          },
          {
            "name": "RHSA-2003:418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-418.html"
          },
          {
            "name": "O-045",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/o-045.shtml"
          },
          {
            "name": "RHSA-2003:419",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-419.html"
          },
          {
            "name": "SuSE-SA:2004:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html"
          },
          {
            "name": "10532",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10532"
          },
          {
            "name": "VU#490620",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/490620"
          },
          {
            "name": "MDKSA-2004:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-01-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-17T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20163",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20163"
        },
        {
          "name": "DSA-1082",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1082"
        },
        {
          "name": "DSA-423",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-423"
        },
        {
          "name": "RHSA-2003:417",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-417.html"
        },
        {
          "name": "CLA-2004:799",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000799"
        },
        {
          "name": "DSA-450",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-450"
        },
        {
          "name": "DSA-1070",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1070"
        },
        {
          "name": "DSA-440",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-440"
        },
        {
          "name": "20040112 SmoothWall Project Security Advisory SWP-2004:001",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107394143105081\u0026w=2"
        },
        {
          "name": "DSA-439",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-439"
        },
        {
          "name": "DSA-1067",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1067"
        },
        {
          "name": "DSA-475",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-475"
        },
        {
          "name": "DSA-1069",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1069"
        },
        {
          "name": "ESA-20040105-001",
          "tags": [
            "vendor-advisory",
            "x_refsource_ENGARDE"
          ],
          "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html"
        },
        {
          "name": "DSA-417",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-417"
        },
        {
          "name": "DSA-442",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-442"
        },
        {
          "name": "20202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20202"
        },
        {
          "name": "DSA-470",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-470"
        },
        {
          "name": "20338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20338"
        },
        {
          "name": "IMNX-2004-73-001-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_IMMUNIX"
          ],
          "url": "http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01"
        },
        {
          "name": "RHSA-2003:416",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-416.html"
        },
        {
          "name": "linux-domremap-gain-privileges(14135)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14135"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap"
        },
        {
          "name": "DSA-413",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-413"
        },
        {
          "name": "20040105 Linux kernel do_mremap() proof-of-concept exploit code",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107340358402129\u0026w=2"
        },
        {
          "name": "20040107 [slackware-security]  Kernel security update  (SSA:2004-006-01)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107350348418373\u0026w=2"
        },
        {
          "name": "20040106 Linux mremap bug correction",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107340814409017\u0026w=2"
        },
        {
          "name": "2004-0001",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107332754521495\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:860",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860"
        },
        {
          "name": "20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html"
        },
        {
          "name": "3315",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/3315"
        },
        {
          "name": "20040102-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U"
        },
        {
          "name": "oval:org.mitre.oval:def:867",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24"
        },
        {
          "name": "9356",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9356"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file\u0026rev=0\u0026sc=0"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isec.pl/vulnerabilities/isec-0013-mremap.txt"
        },
        {
          "name": "20040105 Linux kernel mremap vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107332782121916\u0026w=2"
        },
        {
          "name": "DSA-427",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-427"
        },
        {
          "name": "RHSA-2003:418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-418.html"
        },
        {
          "name": "O-045",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/o-045.shtml"
        },
        {
          "name": "RHSA-2003:419",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-419.html"
        },
        {
          "name": "SuSE-SA:2004:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html"
        },
        {
          "name": "10532",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10532"
        },
        {
          "name": "VU#490620",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/490620"
        },
        {
          "name": "MDKSA-2004:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20163",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20163"
            },
            {
              "name": "DSA-1082",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1082"
            },
            {
              "name": "DSA-423",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-423"
            },
            {
              "name": "RHSA-2003:417",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-417.html"
            },
            {
              "name": "CLA-2004:799",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000799"
            },
            {
              "name": "DSA-450",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-450"
            },
            {
              "name": "DSA-1070",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1070"
            },
            {
              "name": "DSA-440",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-440"
            },
            {
              "name": "20040112 SmoothWall Project Security Advisory SWP-2004:001",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107394143105081\u0026w=2"
            },
            {
              "name": "DSA-439",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-439"
            },
            {
              "name": "DSA-1067",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1067"
            },
            {
              "name": "DSA-475",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-475"
            },
            {
              "name": "DSA-1069",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1069"
            },
            {
              "name": "ESA-20040105-001",
              "refsource": "ENGARDE",
              "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html"
            },
            {
              "name": "DSA-417",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-417"
            },
            {
              "name": "DSA-442",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-442"
            },
            {
              "name": "20202",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20202"
            },
            {
              "name": "DSA-470",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-470"
            },
            {
              "name": "20338",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20338"
            },
            {
              "name": "IMNX-2004-73-001-01",
              "refsource": "IMMUNIX",
              "url": "http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01"
            },
            {
              "name": "RHSA-2003:416",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-416.html"
            },
            {
              "name": "linux-domremap-gain-privileges(14135)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14135"
            },
            {
              "name": "http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap",
              "refsource": "CONFIRM",
              "url": "http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap"
            },
            {
              "name": "DSA-413",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-413"
            },
            {
              "name": "20040105 Linux kernel do_mremap() proof-of-concept exploit code",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107340358402129\u0026w=2"
            },
            {
              "name": "20040107 [slackware-security]  Kernel security update  (SSA:2004-006-01)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107350348418373\u0026w=2"
            },
            {
              "name": "20040106 Linux mremap bug correction",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107340814409017\u0026w=2"
            },
            {
              "name": "2004-0001",
              "refsource": "TRUSTIX",
              "url": "http://marc.info/?l=bugtraq\u0026m=107332754521495\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:860",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860"
            },
            {
              "name": "20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html"
            },
            {
              "name": "3315",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/3315"
            },
            {
              "name": "20040102-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U"
            },
            {
              "name": "oval:org.mitre.oval:def:867",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24"
            },
            {
              "name": "9356",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9356"
            },
            {
              "name": "http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file\u0026rev=0\u0026sc=0",
              "refsource": "CONFIRM",
              "url": "http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file\u0026rev=0\u0026sc=0"
            },
            {
              "name": "http://isec.pl/vulnerabilities/isec-0013-mremap.txt",
              "refsource": "MISC",
              "url": "http://isec.pl/vulnerabilities/isec-0013-mremap.txt"
            },
            {
              "name": "20040105 Linux kernel mremap vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107332782121916\u0026w=2"
            },
            {
              "name": "DSA-427",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-427"
            },
            {
              "name": "RHSA-2003:418",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-418.html"
            },
            {
              "name": "O-045",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/o-045.shtml"
            },
            {
              "name": "RHSA-2003:419",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-419.html"
            },
            {
              "name": "SuSE-SA:2004:003",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html"
            },
            {
              "name": "10532",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10532"
            },
            {
              "name": "VU#490620",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/490620"
            },
            {
              "name": "MDKSA-2004:001",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0985",
    "datePublished": "2004-09-01T04:00:00.000Z",
    "dateReserved": "2003-12-16T00:00:00.000Z",
    "dateUpdated": "2024-08-08T02:12:35.549Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.