This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch
The remote host is missing the patch for the advisory SuSE-SA:2004:005 (Linux Kernel).
Another bug in the Kernel's do_mremap() function, which is unrelated to
the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz.
The do_mremap() function of the Linux Kernel is used to manage
Virtual Memory Areas (VMAs) which includes moving, removing and
resizing of memory areas. To remove old memory areas do_mremap()
uses the function du_munmap() without checking the return value.
By forcing do_munmap() to return an error the memory management of
a process can be tricked into moving page table entries from one VMA
to another. The destination VMA may be protected by a different ACL
which enables a local attacker to gain write access to previous read-only
The result will be local root access to the system.
Additionally to the bug mentioned above some other bugs were fixed
(depending on architecture) that can cause local denial-of-service
- Vicam USB driver: CVE-2004-0075
+ denial-of-service due to problem while
copying data from user to kernel space
- Direct Render Infrastructure: CVE-2004-0003
+ denial-of-service due to integer overflow
+ needs r128 card and console to be exploited
- ncpfs/ncp_lookup: CVE-2004-0010
+ buffer overflow with the probability to
+ malformed elf binaries can lead to a local
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.6
Public Exploit Available : true