PT-2003-2527 · Gentoo+1 · Aa-Sources+1

Published: 1970-01-01 · Updated: 2018-05-03 · CVE-2004-0077

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 2.2 through 2.2.25
Linux kernel versions 2.4 through 2.4.24
Linux kernel versions 2.6 through 2.6.2
aa-sources versions prior to 2.4.23-r1

Description

The issue is related to multiple vulnerabilities in the Linux kernel that can lead to a breach of the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by a local attacker. The do_mremap function for the mremap system call does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, allowing local users to gain root privileges.

Recommendations

For Linux kernel versions 2.2 through 2.2.25, update to a version outside of this range to resolve the issue.
For Linux kernel versions 2.4 through 2.4.24, update to a version outside of this range to resolve the issue.
For Linux kernel versions 2.6 through 2.6.2, update to a version outside of this range to resolve the issue.
For aa-sources versions prior to 2.4.23-r1, update to version 2.4.23-r1 or later to resolve the issue.

As a temporary workaround, consider restricting access to the vulnerable system calls until a patch is available.

Related Identifiers

BDU:2015-02171
BDU:2015-02172
BDU:2015-02173
BDU:2015-02174
BDU:2015-02175
BDU:2015-02176
BDU:2015-02837
BDU:2015-02838
BDU:2015-02839
BDU:2015-02840
BDU:2015-02841
BDU:2015-02842
BDU:2015-02843
BDU:2015-02844
BDU:2015-02845
BDU:2015-02846
BDU:2015-02847
BDU:2015-02848
BDU:2015-02849
BDU:2015-02850
BDU:2015-02851
BDU:2015-02852
BDU:2015-02853
BDU:2015-02854
BDU:2015-02855
BDU:2015-02856
BDU:2015-03283
BDU:2015-03284
BDU:2015-03285
BDU:2015-03286
BDU:2015-03320
BDU:2015-03321
BDU:2015-03322
BDU:2015-03323
BDU:2015-03324
BDU:2015-04101
BDU:2015-04102
BDU:2015-04103
BDU:2015-04104
BDU:2015-04105
BDU:2015-04106
BDU:2015-04107
BDU:2015-08108
BDU:2015-08110
BDU:2015-08112
BDU:2015-08116
BDU:2015-08126
BDU:2015-08129
BDU:2015-09448
CVE-2004-0077
DSA-438
DSA-439
DSA-440
DSA-441
DSA-442
DSA-444
DSA-450
DSA-453
DSA-454
DSA-456
DSA-466
DSA-470
DSA-475
DSA-514
RHSA-2004:066

Affected Products

Linux Kernel
Aa-Sources