CVE-2004-0491
CVSS 2.1
Published: 2004-12-31 00:00:00
Last modified: 2016-10-17 22:45:42

[Original] The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.


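[CNNVD] Linux Kernel Local MEMLOCK RLIMIT Bypass Denial of Service Vulnerability (CNNVD-200412-958)

        The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not correctly maintain the mlock page count when one process unlocks pages that belong to another process. Local users can lock more memory than the rlimit specifies.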

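- CVSS (Base Score)

CVSS score: 2.1 [LOW]
Confidentiality impact: NONE [no impact on system confidentiality]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: NONE [no impact on system availability]
Access complexity: LOW [no access restrictions for exploitation]
Access vector: LOCAL [exploitation requires physical access or a local account]
Authentication: NONE [exploitation requires no authentication]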

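- CPE (Affected Platforms and Products)

Product and version information (CPE) is not currently available

- OVAL (Technical Details for Detection)

oval:org.mitre.oval:def:1117 mlock Memory Page Tracking Vulnerability
oval:org.mitre.oval:def:10672 The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages th...
* OVAL describes in detail how to detect this vulnerability; further technical details for detecting it can be found in the related OVAL definitions.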

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0491
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0491
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200412-958
(Official data source) CNNVD

- Other Links and Resources

ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
(UNKNOWN)  SGI  20060402-01-U
http://marc.info/?l=linux-kernel&m=108087017610947&w=2
(UNKNOWN)  MLIST  [linux-kernel] 20040402 Re: disable-cap-mlock
http://www.redhat.com/support/errata/RHSA-2005-472.html
(UNKNOWN)  REDHAT  RHSA-2005:472
http://www.securityfocus.com/bid/13769
(UNKNOWN)  BID  13769

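- Vulnerability Information

Linux Kernel Local MEMLOCK RLIMIT Bypass Denial of Service Vulnerability
Low risk  Design Error
2004-12-31 00:00:00 2005-10-20 00:00:00
Local
        The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not correctly maintain the mlock page count when one process unlocks pages that belong to another process. Local users can lock more memory than the rlimit specifies.

- Advisories and Patches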

        Please see the referenced vendor advisories for details on obtaining and applying fixes.

- Vulnerability Information

13932
Multiple Linux linux-2.4.21-mlock.patch mlock Memory Disclosure
Vendor Verified

- Vulnerability Description

Unknown or Incomplete

- Timeline

2004-06-21 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- Related References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

Linux Kernel Local MEMLOCK RLIMIT Bypass Denial Of Service Vulnerability
Design Error 13769
No Yes
2005-05-25 12:00:00 2009-07-12 02:56:00
Discovery of this issue is credited to Mark J. Cox.

- Affected Program Versions

SGI ProPack 3.0 SP6
SGI ProPack 3.0 SP5
SGI ProPack 3.0 SP4
SGI ProPack 3.0 SP3
SGI ProPack 3.0 SP2
SGI ProPack 3.0 SP1
SGI ProPack 3.0
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 3
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 3
Linux kernel 2.4.21
+ Conectiva Linux 9.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ SuSE SUSE Linux Enterprise Server 8

- Vulnerability Discussion

The 'linux-2.4.21-mlock.patch' for the Linux kernel contains a security vulnerability. Reports indicate that the 'rlimit' restrictions do not correctly account for IPC (Inter-process Communications) functionality; this may result in unprivileged users having the right to 'mlock' memory.

A local attacker may exploit this issue to deny service for legitimate users.

- Exploit


Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

- Solution

Please see the referenced vendor advisories for details on obtaining and applying fixes.

- Related References

 

 
