CVE-2004-0003
CVSS4.6
发布时间 :2004-03-03 00:00:00
修订时间 :2010-08-21 00:19:25
NMCOS    

[原文]Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."


[CNNVD]Linux Kernel R128 设备驱动未明权限提升漏洞(CNNVD-200403-047)

        
        Linux Kernel是一款开放源代码的操作系统。
        Linux Kernel包含的R128设备驱动存在一个R128 DRI限制检查问题,本地攻击者可以利用这个漏洞进行权限提升攻击。
        目前没有详细漏洞细节提供。
        

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:9204Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
oval:org.mitre.oval:def:834Red Hat Kernel R128 DRI Limits Checking Vulnerability
oval:org.mitre.oval:def:1017Red Hat Enterprise 3 Kernel R128 DRI Limits Checking Vulnerability
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0003
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0003
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200403-047
(官方数据源) CNNVD

- 其它链接及资源

http://www.redhat.com/support/errata/RHSA-2004-044.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:044
http://www.linuxcompatible.org/print25630.html
(VENDOR_ADVISORY)  CONFIRM  http://www.linuxcompatible.org/print25630.html
http://www.redhat.com/support/errata/RHSA-2004-065.html
(UNKNOWN)  REDHAT  RHSA-2004:065
http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
(UNKNOWN)  SUSE  SuSE-SA:2004:005
http://www.debian.org/security/2004/dsa-495
(UNKNOWN)  DEBIAN  DSA-495
http://www.debian.org/security/2004/dsa-491
(UNKNOWN)  DEBIAN  DSA-491
http://www.debian.org/security/2004/dsa-489
(UNKNOWN)  DEBIAN  DSA-489
http://www.debian.org/security/2004/dsa-482
(UNKNOWN)  DEBIAN  DSA-482
http://www.debian.org/security/2004/dsa-481
(UNKNOWN)  DEBIAN  DSA-481
http://www.debian.org/security/2004/dsa-480
(UNKNOWN)  DEBIAN  DSA-480
http://www.debian.org/security/2004/dsa-479
(UNKNOWN)  DEBIAN  DSA-479
http://xforce.iss.net/xforce/xfdb/15029
(UNKNOWN)  XF  linux-r128-gain-priviliges(15029)
http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
(UNKNOWN)  TURBO  TLSA-2004-14
http://www.securityfocus.com/bid/9570
(UNKNOWN)  BID  9570
http://www.redhat.com/support/errata/RHSA-2004-166.html
(UNKNOWN)  REDHAT  RHSA-2004:166
http://www.redhat.com/support/errata/RHSA-2004-106.html
(UNKNOWN)  REDHAT  RHSA-2004:106
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:029
(UNKNOWN)  MANDRAKE  MDKSA-2004:029
http://www.ciac.org/ciac/bulletins/o-145.shtml
(UNKNOWN)  CIAC  O-145
http://www.ciac.org/ciac/bulletins/o-127.shtml
(UNKNOWN)  CIAC  O-127
http://www.ciac.org/ciac/bulletins/o-126.shtml
(UNKNOWN)  CIAC  O-126
http://www.ciac.org/ciac/bulletins/o-121.shtml
(UNKNOWN)  CIAC  O-121
http://www.ciac.org/ciac/bulletins/o-082.shtml
(UNKNOWN)  CIAC  O-082
http://secunia.com/advisories/12075
(UNKNOWN)  SECUNIA  12075
http://secunia.com/advisories/11891
(UNKNOWN)  SECUNIA  11891
http://secunia.com/advisories/11464
(UNKNOWN)  SECUNIA  11464
http://secunia.com/advisories/11376
(UNKNOWN)  SECUNIA  11376
http://secunia.com/advisories/11370
(UNKNOWN)  SECUNIA  11370
http://secunia.com/advisories/11369
(UNKNOWN)  SECUNIA  11369
http://secunia.com/advisories/11362
(UNKNOWN)  SECUNIA  11362
http://secunia.com/advisories/11361
(UNKNOWN)  SECUNIA  11361
http://secunia.com/advisories/11202
(UNKNOWN)  SECUNIA  11202
http://secunia.com/advisories/10912
(UNKNOWN)  SECUNIA  10912
http://secunia.com/advisories/10911
(UNKNOWN)  SECUNIA  10911
http://secunia.com/advisories/10782
(UNKNOWN)  SECUNIA  10782

- 漏洞信息

Linux Kernel R128 设备驱动未明权限提升漏洞
中危 边界条件错误
2004-03-03 00:00:00 2005-10-20 00:00:00
本地  
        
        Linux Kernel是一款开放源代码的操作系统。
        Linux Kernel包含的R128设备驱动存在一个R128 DRI限制检查问题,本地攻击者可以利用这个漏洞进行权限提升攻击。
        目前没有详细漏洞细节提供。
        

- 公告与补丁

        厂商补丁:
        Linux
        -----
        用户可以升级到最新Linux内核解决此问题:
        
        http://www.kernel.org/

- 漏洞信息

3807
Linux Kernel R128 DRI Limits Checking Privilege Escalation

- 漏洞描述

Linux contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is unspecified, but related to "R128 DRI limits checking." This flaw may lead to a loss of confidentiality, integrity and/or availability.

- 时间线

2004-02-04 2004-02-04
Unknow Unknow

- 解决方案

Upgrade to version 2.4.22 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux Kernel R128 Device Driver Unspecified Privilege Escalation Vulnerability
Boundary Condition Error 9570
No Yes
2004-02-03 12:00:00 2009-07-12 02:06:00
Discovery has been credited to Alan Cox.

- 受影响的程序版本

Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
RedHat kernel-2.4.20-8.i686.rpm
RedHat kernel-2.4.20-8.i586.rpm
+ RedHat Linux 9.0 i386
RedHat kernel-2.4.20-8.i386.rpm
RedHat kernel-2.4.20-8.athlon.rpm
+ RedHat Linux 9.0 i386
Red Hat Fedora Core1
Linux kernel 2.4.21 pre7
Linux kernel 2.4.21 pre4
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
Linux kernel 2.4.21 pre1
Linux kernel 2.4.21
+ Conectiva Linux 9.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ SuSE SUSE Linux Enterprise Server 8
Linux kernel 2.4.20
+ CRUX CRUX Linux 1.0
+ Gentoo Linux 1.4
+ Gentoo Linux 1.2
+ RedHat Linux 9.0 i386
+ Slackware Linux 9.0
+ WOLK WOLK 4.4 s
Linux kernel 2.4.19 -pre6
Linux kernel 2.4.19 -pre5
Linux kernel 2.4.19 -pre4
Linux kernel 2.4.19 -pre3
Linux kernel 2.4.19 -pre2
Linux kernel 2.4.19 -pre1
Linux kernel 2.4.19
Linux kernel 2.4.18 pre-8
Linux kernel 2.4.18 pre-7
Linux kernel 2.4.18 pre-6
Linux kernel 2.4.18 pre-5
Linux kernel 2.4.18 pre-4
Linux kernel 2.4.18 pre-3
Linux kernel 2.4.18 pre-2
Linux kernel 2.4.18 pre-1
Linux kernel 2.4.18 x86
Linux kernel 2.4.18
+ Astaro Security Linux 2.0 23
+ Astaro Security Linux 2.0 16
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0
+ Red Hat Enterprise Linux AS 2.1 IA64
+ RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Linux 8.0
+ RedHat Linux 7.3
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server 0
+ S.u.S.E. Linux Firewall on CD
+ S.u.S.E. Linux Office Server
+ S.u.S.E. Linux Openexchange Server
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. SuSE eMail Server 3.1
+ S.u.S.E. SuSE eMail Server III
+ SuSE SUSE Linux Enterprise Server 8
+ SuSE SUSE Linux Enterprise Server 7
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
Linux kernel 2.4.12
+ Conectiva Linux 7.0
Linux kernel 2.4.11
Linux kernel 2.4.10
+ S.u.S.E. Linux 7.3
Linux kernel 2.4.9
Linux kernel 2.4.8
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0
Linux kernel 2.4.7
+ RedHat Linux 7.2
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1
Linux kernel 2.4.6
Linux kernel 2.4.5
+ Slackware Linux 8.0
Linux kernel 2.4.4
Linux kernel 2.4.3
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
Linux kernel 2.4.2
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
Linux kernel 2.4.1
Linux kernel 2.4 .0-test9
Linux kernel 2.4 .0-test8
Linux kernel 2.4 .0-test7
Linux kernel 2.4 .0-test6
Linux kernel 2.4 .0-test5
Linux kernel 2.4 .0-test4
Linux kernel 2.4 .0-test3
Linux kernel 2.4 .0-test2
Linux kernel 2.4 .0-test12
Linux kernel 2.4 .0-test11
Linux kernel 2.4 .0-test10
Linux kernel 2.4 .0-test1
Linux kernel 2.4
Linux kernel 2.3.99 -pre7
Linux kernel 2.3.99 -pre6
Linux kernel 2.3.99 -pre5
Linux kernel 2.3.99 -pre4
Linux kernel 2.3.99 -pre3
Linux kernel 2.3.99 -pre2
Linux kernel 2.3.99 -pre1
Linux kernel 2.3.99
Linux kernel 2.3 .x
Linux kernel 2.3
Linux kernel 2.2.25
Linux kernel 2.2.24
Linux kernel 2.2.23
Linux kernel 2.2.22
Linux kernel 2.2.21
Linux kernel 2.2.20
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Linux kernel 2.2.19
Linux kernel 2.2.18
+ Caldera OpenLinux 2.4
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux 4.2
+ Conectiva Linux 4.1
+ Conectiva Linux 4.0 es
+ Conectiva Linux 4.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ Mandriva Linux Mandrake 6.1
+ Mandriva Linux Mandrake 6.0
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ RedHat Linux 6.1 sparc
+ RedHat Linux 6.1 i386
+ RedHat Linux 6.1 alpha
+ RedHat Linux 6.0 sparc
+ RedHat Linux 6.0 alpha
+ RedHat Linux 6.0
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux 6.3 ppc
+ S.u.S.E. Linux 6.3 alpha
+ S.u.S.E. Linux 6.3
+ S.u.S.E. Linux 6.1 alpha
+ S.u.S.E. Linux 6.1
+ S.u.S.E. Linux 6.0
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Slackware Linux 7.1
+ Slackware Linux 7.0
+ Slackware Linux 4.0
+ Wirex Immunix OS 7.0 -Beta
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 6.2
Linux kernel 2.2.17
+ Mandriva Linux Mandrake 7.2
+ S.u.S.E. Linux 7.0
+ Trustix Secure Linux 1.2
Linux kernel 2.2.16 pre6
Linux kernel 2.2.16
+ RedHat Linux 7.0
+ Sun Cobalt Qube 3
+ Sun Cobalt RaQ XTR
+ Trustix Secure Linux 1.1
Linux kernel 2.2.15 pre20
Linux kernel 2.2.15 pre16
Linux kernel 2.2.15
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 7.1
Linux kernel 2.2.14
+ Red Hat Linux 6.2
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Sun Cobalt RaQ 4
Linux kernel 2.2.13
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux 6.3
Linux kernel 2.2.12
Linux kernel 2.2.11
Linux kernel 2.2.10
+ Caldera OpenLinux 2.3
Linux kernel 2.2.9
Linux kernel 2.2.8
Linux kernel 2.2.7
Linux kernel 2.2.6
Linux kernel 2.2.5
Linux kernel 2.2.4
Linux kernel 2.2.3
Linux kernel 2.2.2
Linux kernel 2.2.1
Linux kernel 2.2 .x
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
Linux kernel 2.2
Linux kernel 2.1.89
Linux kernel 2.1 .x
Linux kernel 2.1
Linux kernel 2.0.39
Linux kernel 2.0.38
Linux kernel 2.0.37
Linux kernel 2.0.36
Linux kernel 2.0.35
Linux kernel 2.0.34
Linux kernel 2.0.33
Linux kernel 2.0.32
Linux kernel 2.0.31
Linux kernel 2.0.30
Linux kernel 2.0.29
Linux kernel 2.0.28
Linux kernel 2.0.27
Linux kernel 2.0.26
Linux kernel 2.0.25
Linux kernel 2.0.24
Linux kernel 2.0.23
Linux kernel 2.0.22
Linux kernel 2.0.21
Linux kernel 2.0.20
Linux kernel 2.0.19
Linux kernel 2.0.18
Linux kernel 2.0.17
Linux kernel 2.0.16
Linux kernel 2.0.15
Linux kernel 2.0.14
Linux kernel 2.0.13
Linux kernel 2.0.12
Linux kernel 2.0.11
Linux kernel 2.0.10
Linux kernel 2.0.9
Linux kernel 2.0.8
Linux kernel 2.0.7
Linux kernel 2.0.6
Linux kernel 2.0.5
Linux kernel 2.0.4
Linux kernel 2.0.3
Linux kernel 2.0.2
Linux kernel 2.0.1
Linux kernel 2.0 .x
Linux kernel 2.0
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.5.69
Linux kernel 2.5.68
Linux kernel 2.5.67
Linux kernel 2.5.66
Linux kernel 2.5.65
Linux kernel 2.5.64
Linux kernel 2.5.63
Linux kernel 2.5.62
Linux kernel 2.5.61
Linux kernel 2.5.60
Linux kernel 2.5.59
Linux kernel 2.5.58
Linux kernel 2.5.57
Linux kernel 2.5.56
Linux kernel 2.5.55
Linux kernel 2.5.54
Linux kernel 2.5.53
Linux kernel 2.5.52
Linux kernel 2.5.51
Linux kernel 2.5.50
Linux kernel 2.5.49
Linux kernel 2.5.48
Linux kernel 2.5.47
Linux kernel 2.5.46
Linux kernel 2.5.45
Linux kernel 2.5.44
Linux kernel 2.5.43
Linux kernel 2.5.42
Linux kernel 2.5.41
Linux kernel 2.5.40
Linux kernel 2.5.39
Linux kernel 2.5.38
Linux kernel 2.5.37
Linux kernel 2.5.36
Linux kernel 2.5.35
Linux kernel 2.5.34
Linux kernel 2.5.33
Linux kernel 2.5.32
Linux kernel 2.5.31
Linux kernel 2.5.30
Linux kernel 2.5.29
Linux kernel 2.5.28
Linux kernel 2.5.27
Linux kernel 2.5.26
Linux kernel 2.5.25
Linux kernel 2.5.24
Linux kernel 2.5.23
Linux kernel 2.5.22
Linux kernel 2.5.21
Linux kernel 2.5.20
Linux kernel 2.5.19
Linux kernel 2.5.18
Linux kernel 2.5.17
Linux kernel 2.5.16
Linux kernel 2.5.15
Linux kernel 2.5.14
Linux kernel 2.5.13
Linux kernel 2.5.12
Linux kernel 2.5.11
Linux kernel 2.5.10
Linux kernel 2.5.9
Linux kernel 2.5.8
Linux kernel 2.5.7
Linux kernel 2.5.6
Linux kernel 2.5.5
Linux kernel 2.5.4
Linux kernel 2.5.3
Linux kernel 2.5.2
Linux kernel 2.5.1
Linux kernel 2.5 .0
Linux kernel 2.4.24
Linux kernel 2.4.23 -pre9
Linux kernel 2.4.23
+ Trustix Secure Linux 2.0
Linux kernel 2.4.22
+ Devil-Linux Devil-Linux 1.0.5
+ Devil-Linux Devil-Linux 1.0.4
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Red Hat Fedora Core1
+ Slackware Linux 9.1

- 不受影响的程序版本

Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.5.69
Linux kernel 2.5.68
Linux kernel 2.5.67
Linux kernel 2.5.66
Linux kernel 2.5.65
Linux kernel 2.5.64
Linux kernel 2.5.63
Linux kernel 2.5.62
Linux kernel 2.5.61
Linux kernel 2.5.60
Linux kernel 2.5.59
Linux kernel 2.5.58
Linux kernel 2.5.57
Linux kernel 2.5.56
Linux kernel 2.5.55
Linux kernel 2.5.54
Linux kernel 2.5.53
Linux kernel 2.5.52
Linux kernel 2.5.51
Linux kernel 2.5.50
Linux kernel 2.5.49
Linux kernel 2.5.48
Linux kernel 2.5.47
Linux kernel 2.5.46
Linux kernel 2.5.45
Linux kernel 2.5.44
Linux kernel 2.5.43
Linux kernel 2.5.42
Linux kernel 2.5.41
Linux kernel 2.5.40
Linux kernel 2.5.39
Linux kernel 2.5.38
Linux kernel 2.5.37
Linux kernel 2.5.36
Linux kernel 2.5.35
Linux kernel 2.5.34
Linux kernel 2.5.33
Linux kernel 2.5.32
Linux kernel 2.5.31
Linux kernel 2.5.30
Linux kernel 2.5.29
Linux kernel 2.5.28
Linux kernel 2.5.27
Linux kernel 2.5.26
Linux kernel 2.5.25
Linux kernel 2.5.24
Linux kernel 2.5.23
Linux kernel 2.5.22
Linux kernel 2.5.21
Linux kernel 2.5.20
Linux kernel 2.5.19
Linux kernel 2.5.18
Linux kernel 2.5.17
Linux kernel 2.5.16
Linux kernel 2.5.15
Linux kernel 2.5.14
Linux kernel 2.5.13
Linux kernel 2.5.12
Linux kernel 2.5.11
Linux kernel 2.5.10
Linux kernel 2.5.9
Linux kernel 2.5.8
Linux kernel 2.5.7
Linux kernel 2.5.6
Linux kernel 2.5.5
Linux kernel 2.5.4
Linux kernel 2.5.3
Linux kernel 2.5.2
Linux kernel 2.5.1
Linux kernel 2.5 .0
Linux kernel 2.4.24
Linux kernel 2.4.23 -pre9
Linux kernel 2.4.23
+ Trustix Secure Linux 2.0
Linux kernel 2.4.22
+ Devil-Linux Devil-Linux 1.0.5
+ Devil-Linux Devil-Linux 1.0.4
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Red Hat Fedora Core1
+ Slackware Linux 9.1

- 漏洞讨论

It has been reported that he Linux Kernel is prone to an unspecified privilege escalation vulnerability. The issue is reportedly due to an R128 DRI limits checking issue and may lead to privilege escalation on affected systems.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

This issue has been resolved in later versions of the Linux kernel. Upgrading to a later version will eliminate this vulnerability.

Conectiva has released advisory CLA-2004:846 to provide Kernel updates to address this and other issues for Conectiva 8 and 9. Please see the referenced advisory for further details regarding obtaining and applying appropriate updates.

Turbolinux has released a security announcement (TLSA-2004-05-21) providing fixes that can be applied to x86 architecture based computers. Turbolinux users are advised to employ the turboupdate, turbopkg, and zabom utilities as a Superuser in order to obtain and apply appropriate fixes. Please see the referenced advisory for further details regarding obtaining and applying fixes.

Mandrake has released an advisory (MDKSA-2004:015) with fixes to address this issue. Please see the referenced advisory for more information.

Red Hat has released an advisory FEDORA-2004-063 for Fedora Core 1. Please see the referenced advisory for more information.

RedHat has released an advisory RHSA-2004:065-01 to address this and other issues. Please see the referenced advisory for more information.

SuSE has released advisory SA:2004:005 dealing with this issue. Please see the referenced advisory for more information.

Mandrake has released an updated advisory MDKSA-2004:015-1 to address this and other issues. Please see the referenced advisory for more information.

Fedora has released legacy advisory update FLSA:1284 fixing this issue in Red Hat linux 7.2, 7.3 and 8.0 for the i386, i586, i686 and athlon architectures. Please see the referenced advisory for details.

Debian has released advisories DSA 479-1 and DSA 482-1 as well as fixes dealing with this and other issues. Please see the referenced advisory for more information and details on obtaining fixes.

Mandrake has released advisory MDKSA-2004:029 along with fixes that deal with this issue. It should be noted that the previous advisory released by Mandrake did not resolve this issue entirely. Please see the reference section for more information and details on obtaining fixes.

Debian has released an update to the advisory DSA 479-1 providing fixes that deal with the IA-32 architecture. Apparently the original fixes are broken due to a build error. Please see the attached advisory for more information and details on obtaining updated fixes.

Debian has released advisory DSA 489-1 to provide updates for Linux 2.4.17 for the PowerPC/apus and S/390 architectures. Please see the attached advisory for details on applying and obtaining fixes.

Debian has released advisory DSA 491-1 to provide updates for Linux 2.4.19 on the MIPS architecture. Please see the attached advisory for details on applying and obtaining fixes.

Rad Hat has released advisory RHSA-2004:166-08 and fixes for Red Hat Linux version 9. It shoud be noted that this advisory supercedes advisory RHSA-2004:065-01, which was previously relesed. Please see the referenced advisory for more information.

Debian has released an advisory (DSA 495-1) to address various issues in the Linux kernel. This advisory contains fixes for the ARM architecture. Please see the referenced advisory for more information.

Red Hat has released advisory RHSA-2004:188-14 dealing with this and other issues for their enterprise linux distribution. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.


RedHat kernel-2.4.20-8.athlon.rpm

Red Hat Fedora Core1

Linux kernel 2.2.14

Linux kernel 2.4.17

Linux kernel 2.4.18

Linux kernel 2.4.20

Linux kernel 2.4.21

Linux kernel 2.4.5

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站