PT-2003-1102 · Red Hat+1
Published: 2003-05-22 · Updated: 2017-10-10
CVE-2004-0075
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.4.25
Red Hat Linux kernel-2.4.20 version
Red Hat Linux kernel-smp-2.4.20 version
Red Hat Linux kernel-doc-2.4.20 version
Red Hat Linux kernel-source-2.4.20 version
Red Hat Linux kernel-BOOT-2.4.20 version
Red Hat Linux kernel-bigmem-2.4.20 version
Description
The issue affects the Linux kernel and Red Hat Linux, allowing for potential disruption of confidentiality, integrity, and availability of protected information. Exploitation can be done remotely. A specific problem is noted in the Vicam USB driver, which fails to use the `copy_from_user` function when copying data from userspace to kernel space, allowing local users to cause a denial of service.
Recommendations
For Linux kernel versions prior to 2.4.25, update to version 2.4.25 or later.
For Red Hat Linux kernel-2.4.20 version, consider upgrading to a newer version.
For Red Hat Linux kernel-smp-2.4.20 version, consider upgrading to a newer version.
For Red Hat Linux kernel-doc-2.4.20 version, consider upgrading to a newer version.
For Red Hat Linux kernel-source-2.4.20 version, consider upgrading to a newer version.
For Red Hat Linux kernel-BOOT-2.4.20 version, consider upgrading to a newer version.
For Red Hat Linux kernel-bigmem-2.4.20 version, consider upgrading to a newer version.
As a temporary workaround, consider restricting access to the Vicam USB driver until a patch is available.
Affected Products
Linux Kernel
Red Hat