Main Vulnerability Database Vulnerabilities #VU99944

Improper input validation in Linux kernel - CVE-2004-0447

Published: August 6, 2004 / Updated: October 11, 2017

Vulnerability identifier: #VU99944

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2004-0447

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to execute arbitrary code.

Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.

How to mitigate CVE-2004-0447

Install update from vendor's repository.

Sources

ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html
http://secunia.com/advisories/20162
http://secunia.com/advisories/20163
http://secunia.com/advisories/20202
http://secunia.com/advisories/20338
http://security.gentoo.org/glsa/glsa-200407-16.xml
http://www.ciac.org/ciac/bulletins/o-193.shtml
http://www.debian.org/security/2006/dsa-1067
http://www.debian.org/security/2006/dsa-1069
http://www.debian.org/security/2006/dsa-1070
http://www.debian.org/security/2006/dsa-1082
http://www.redhat.com/support/errata/RHSA-2004-413.html
http://www.securityfocus.com/bid/10783
https://exchange.xforce.ibmcloud.com/vulnerabilities/16661
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10918

Improper input validation in Linux kernel - CVE-2004-0447

Detailed vulnerability description

How to mitigate CVE-2004-0447

Sources

Please verify you're human