SuSE-SA:2004:005: Linux Kernel

This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.

Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SuSE-SA:2004:005 (Linux Kernel).

Another bug in the Kernel's do_mremap() function, which is unrelated to
the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz.
The do_mremap() function of the Linux Kernel is used to manage
Virtual Memory Areas (VMAs) which includes moving, removing and
resizing of memory areas. To remove old memory areas do_mremap()
uses the function du_munmap() without checking the return value.
By forcing do_munmap() to return an error the memory management of
a process can be tricked into moving page table entries from one VMA
to another. The destination VMA may be protected by a different ACL
which enables a local attacker to gain write access to previous read-only
The result will be local root access to the system.

Additionally to the bug mentioned above some other bugs were fixed
(depending on architecture) that can cause local denial-of-service
- Vicam USB driver: CVE-2004-0075
+ denial-of-service due to problem while
copying data from user to kernel space
- Direct Render Infrastructure: CVE-2004-0003
+ denial-of-service due to integer overflow
+ needs r128 card and console to be exploited
- ncpfs/ncp_lookup: CVE-2004-0010
+ buffer overflow with the probability to
gain root
- execve():
+ malformed elf binaries can lead to a local
denial-of-service attack

Solution :

Risk factor :

High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.6
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 13823 ()

Bugtraq ID: 9570

CVE ID: CVE-2004-0003

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now