PT-2004-1609 · Red Hat+1 · Red Hat+1

Published

2004-12-31

Updated

2017-10-11

CVE-2004-0491

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux 3

Description The issue arises from the linux-2.4.21-mlock.patch, which fails to correctly update the mlock page count when a process unlocks pages belonging to another process. This allows local users to lock more memory than the limit specified by the rlimit.

Recommendations For Red Hat Enterprise Linux 3, consider applying a patch that correctly maintains the mlock page count to prevent local users from exceeding the specified memory limit.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0491

RHSA-2005:472

RHSA-2005_472

Affected Products

Red Hat

Linux

PT-2004-1609 · Red Hat+1 · Red Hat+1

CVE-2004-0491

Related Identifiers

Affected Products

References · 13