Main Vulnerability Database SB2004030302

SB2004030302 - Improper input validation in Linux kernel

Published: March 3, 2004

Security Bulletin ID SB2004030302

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper input validation (CVE-ID: CVE-2004-0003)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to read and manipulate data.

Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to 'R128 DRI limits checking.'

Remediation

Install update from vendor's website.

References

http://secunia.com/advisories/10782
http://secunia.com/advisories/10911
http://secunia.com/advisories/10912
http://secunia.com/advisories/11202
http://secunia.com/advisories/11361
http://secunia.com/advisories/11362
http://secunia.com/advisories/11369
http://secunia.com/advisories/11370
http://secunia.com/advisories/11376
http://secunia.com/advisories/11464
http://secunia.com/advisories/11891
http://secunia.com/advisories/12075
http://www.ciac.org/ciac/bulletins/o-082.shtml
http://www.ciac.org/ciac/bulletins/o-121.shtml
http://www.ciac.org/ciac/bulletins/o-126.shtml
http://www.ciac.org/ciac/bulletins/o-127.shtml
http://www.ciac.org/ciac/bulletins/o-145.shtml
http://www.debian.org/security/2004/dsa-479
http://www.debian.org/security/2004/dsa-480
http://www.debian.org/security/2004/dsa-481
http://www.debian.org/security/2004/dsa-482
http://www.debian.org/security/2004/dsa-489
http://www.debian.org/security/2004/dsa-491
http://www.debian.org/security/2004/dsa-495
http://www.linuxcompatible.org/print25630.html
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:029
http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
http://www.redhat.com/support/errata/RHSA-2004-044.html
http://www.redhat.com/support/errata/RHSA-2004-065.html
http://www.redhat.com/support/errata/RHSA-2004-106.html
http://www.redhat.com/support/errata/RHSA-2004-166.html
http://www.securityfocus.com/bid/9570
http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/15029
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9204