ID CVE-2004-0003
Summary Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
References
Vulnerable Configurations
  • Linux Kernel 2.4.22
    cpe:2.3:o:linux:linux_kernel:2.4.22
CVSS
Base: 4.6 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-015.NASL
    description Paul Staretz discovered a flaw in return value checking in the mremap() function in the Linux kernel, versions 2.4.24 and previous that could allow a local user to obtain root privileges. A vulnerability was found in the R128 DRI driver by Alan Cox. This could allow local privilege escalation. A flaw in the ncp_lookup() function in the ncpfs code (which is used to mount NetWare volumes or print to NetWare printers) was found by Arjen van de Ven that could allow local privilege escalation. The Vicam USB driver in Linux kernel versions prior to 2.4.25 does not use the copy_from_user function to access userspace, which crosses security boundaries. This problem does not affect the Mandrake Linux 9.2 kernel. Additionally, a ptrace hole that only affects the amd64/x86_64 platform has been corrected. The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at : http://www.mandrakesecure.net/en/kernelupdate.php
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14115
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14115
    title Mandrake Linux Security Advisory : kernel (MDKSA-2004:015)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-044.NASL
    description Updated kernel packages are now available that fix a few security issues, an NFS performance issue, and an e1000 driver loading issue introduced in Update 3. The Linux kernel handles the basic functions of the operating system. Alan Cox found issues in the R128 Direct Render Infrastructure that could allow local privilege escalation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0003 to this issue. The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0700 to this issue. An overflow was found in the ixj telephony card driver in Linux kernels prior to 2.4.20. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-1574 to this issue. All users are advised to upgrade to these errata packages, which contain backported security patches that corrects these issues. These packages also contain a fix to enhance NFS performance, which was degraded in the last kernel update as part of Update 3.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12458
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12458
    title RHEL 2.1 : kernel (RHSA-2004:044)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SA_2004_005.NASL
    description The remote host is missing the patch for the advisory SuSE-SA:2004:005 (Linux Kernel). Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. The do_mremap() function of the Linux Kernel is used to manage Virtual Memory Areas (VMAs) which includes moving, removing and resizing of memory areas. To remove old memory areas do_mremap() uses the function du_munmap() without checking the return value. By forcing do_munmap() to return an error the memory management of a process can be tricked into moving page table entries from one VMA to another. The destination VMA may be protected by a different ACL which enables a local attacker to gain write access to previous read-only pages. The result will be local root access to the system. Additionally to the bug mentioned above some other bugs were fixed (depending on architecture) that can cause local denial-of-service conditions: - Vicam USB driver: CVE-2004-0075 + denial-of-service due to problem while copying data from user to kernel space - Direct Render Infrastructure: CVE-2004-0003 + denial-of-service due to integer overflow + needs r128 card and console to be exploited - ncpfs/ncp_lookup: CVE-2004-0010 + buffer overflow with the probability to gain root - execve(): + malformed elf binaries can lead to a local denial-of-service attack
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 13823
    published 2004-07-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13823
    title SuSE-SA:2004:005: Linux Kernel
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-489.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the MIPS and MIPSel architectures. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6. The following security matrix explains which kernel versions for which architectures are already fixed and which will be removed instead. Architecture stable (woody) unstable (sid) removed in sid source 2.4.17-1woody3 2.4.25-3 2.4.19-11 mips 2.4.17-0.020226.2.woody6 2.4.25-0.040415.1 2.4.19-0.020911.8 mipsel 2.4.17-0.020226.2.woody6 2.4.25-0.040415.1 2.4.19-0.020911.9
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15326
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15326
    title Debian DSA-489-1 : linux-kernel-2.4.17-mips+mipsel - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-479.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.18 for the alpha, i386 and powerpc architectures. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6. The following security matrix explains which kernel versions for which architectures are already fixed. Kernel images in the unstable Debian distribution (sid) will be fixed soon. Architecture stable (woody) unstable (sid) removed in sid source 2.4.18-14.3 2.4.25-3 -- alpha 2.4.18-15 soon -- i386 2.4.18-13 soon -- i386bf 2.4.18-5woody8 soon -- powerpc 2.4.18-1woody5 2.4.25-8 2.4.22
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15316
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15316
    title Debian DSA-479-1 : linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-029.NASL
    description A vulnerability was found in the R128 DRI driver by Alan Cox. This could allow local privilege escalation. The previous fix, in MDKSA-2004:015 only partially corrected the problem; the full fix is included (CVE-2004-0003). A local root vulnerability was discovered in the isofs component of the Linux kernel by iDefense. This vulnerability can be triggered by performing a directory listing on a maliciously constructed ISO filesystem, or attempting to access a file via a malformed symlink on such a filesystem (CVE-2004-0109). An information leak was discovered in the ext3 filesystem code by Solar Designer. It was discovered that when creating or writing to an ext3 filesystem, some amount of other in-memory data gets written to the device. The data is not the file's contents, not something on the same filesystem, or even anything that was previously in a file at all. To obtain this data, a user needs to read the raw device (CVE-2004-0177). The same vulnerability was also found in the XFS filesystem code (CVE-2004-0133) and the JFS filesystem code (CVE-2004-0181). Finally, a vulnerability in the OSS code for SoundBlaster 16 devices was discovered by Andreas Kies. It is possible for local users with access to the sound system to crash the machine (CVE-2004-0178). The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at : http://www.mandrakesecure.net/en/kernelupdate.php
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14128
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14128
    title Mandrake Linux Security Advisory : kernel (MDKSA-2004:029)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-481.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the IA-64 architecture. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15318
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15318
    title Debian DSA-481-1 : linux-kernel-2.4.17-ia64 - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-491.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.19 for the MIPS architecture. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6. The following security matrix explains which kernel versions for which architectures are already fixed and which will be removed instead. Architecture stable (woody) unstable (sid) removed in sid source 2.4.19-4.woody2 2.4.25-3 2.4.19-11 mips 2.4.19-0.020911.1.woody4 2.4.25-0.040415.1 2.4.19-0.020911.8
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15328
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15328
    title Debian DSA-491-1 : linux-kernel-2.4.19-mips - several vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-188.NASL
    description Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the second regular update. The Linux kernel handles the basic functions of the operating system. This is the second regular kernel update to Red Hat Enterprise Linux version 3. It contains several minor security fixes, many bug fixes, device driver updates, new hardware support, and the introduction of Linux Syscall Auditing support. There were bug fixes in many different parts of the kernel, the bulk of which addressed unusual situations such as error handling, race conditions, and resource starvation. The combined effect of the approximately 140 fixes is a strong improvement in the reliability and durability of Red Hat Enterprise Linux. Some of the key areas affected are disk drivers, network drivers, USB support, x86_64 and ppc64 platform support, ia64 32-bit emulation layer enablers, and the VM, NFS, IPv6, and SCSI subsystems. A significant change in the SCSI subsystem (the disabling of the scsi-affine-queue patch) should significantly improve SCSI disk driver performance in many scenarios. There were 10 Bugzillas against SCSI performance problems addressed by this change. The following drivers have been upgraded to new versions : bonding ---- 2.4.1 cciss ------ 2.4.50.RH1 e1000 ------ 5.2.30.1-k1 fusion ----- 2.05.11.03 ipr -------- 1.0.3 ips -------- 6.11.07 megaraid2 -- 2.10.1.1 qla2x00 ---- 6.07.02-RH1 tg3 -------- 3.1 z90crypt --- 1.1.4 This update introduces support for the new Intel EM64T processor. A new 'ia32e' architecture has been created to support booting on platforms based on either the original AMD Opteron CPU or the new Intel EM64T CPU. The existing 'x86_64' architecture has remained optimized for Opteron systems. Kernels for both types of systems are built from the same x86_64-architecture sources and share a common kernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm). Other highlights in this update include a major upgrade to the SATA infrastructure, addition of IBM JS20 Power Blade support, and creation of an optional IBM eServer zSeries On-Demand Timer facility for reducing idle CPU overhead. The following security issues were addressed in this update : A minor flaw was found where /proc/tty/driver/serial reveals the exact character counts for serial links. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0461 to this issue. The kernel strncpy() function in Linux 2.4 and 2.5 does not pad the target buffer with null bytes on architectures other than x86, as opposed to the expected libc behavior, which could lead to information leaks. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0465 to this issue. A minor data leak was found in two real time clock drivers (for /dev/rtc). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0984 to this issue. A flaw in the R128 Direct Render Infrastructure (dri) driver could allow local privilege escalation. This driver is part of the kernel-unsupported package. The Common Vulnera- bilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0003 to this issue. A flaw in ncp_lookup() in ncpfs could allow local privilege escalation. The ncpfs module allows a system to mount volumes of NetWare servers or print to NetWare printers and is in the kernel-unsupported package. The Common Vulnera- bilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0010 to this issue. (Note that the kernel-unsupported package contains drivers and other modules that are unsupported and therefore might contain security problems that have not been addressed.) All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12494
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12494
    title RHEL 3 : kernel (RHSA-2004:188)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-495.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.16 for the ARM architecture. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2003-0127 The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case a local attacker could obtain sensitive information (such as cryptographic keys in another worst case) which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6. The following security matrix explains which kernel versions for which architectures are already fixed and which will be removed instead. Architecture stable (woody) unstable (sid) source 2.4.16-1woody2 2.4.25-3 arm/patch 20040419 20040316 arm/lart 20040419 2.4.25-4 arm/netwinder 20040419 2.4.25-4 arm/riscpc 20040419 2.4.25-4
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15332
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15332
    title Debian DSA-495-1 : linux-kernel-2.4.16-arm - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-482.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the PowerPC/apus and S/390 architectures. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6. The following security matrix explains which kernel versions for which architectures are already fixed. Architecture stable (woody) unstable (sid) source 2.4.17-1woody3 2.4.25-3 powerpc/apus 2.4.17-5 2.4.25-2 s390 2.4.17-2.woody.4 2.4.25-2 (and probably 2.4.21-3)
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15319
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15319
    title Debian DSA-482-1 : linux-kernel-2.4.17-apus+s390 - several vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-480.NASL
    description Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 and 2.4.18 for the hppa (PA-RISC) architecture. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update : - CAN-2004-0003 A vulnerability has been discovered in the R128 DRI driver in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this. - CAN-2004-0010 Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this. - CAN-2004-0109 zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this. - CAN-2004-0177 Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this. - CAN-2004-0178 Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction for this. These problems are also fixed by upstream in Linux 2.4.26 and will be fixed in Linux 2.6.6.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15317
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15317
    title Debian DSA-480-1 : linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities
oval via4
  • accepted 2007-04-25T19:52:12.419-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Thomas R. Jones
      organization Maitreya Security
    description Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
    family unix
    id oval:org.mitre.oval:def:1017
    status accepted
    submitted 2004-05-12T12:00:00.000-04:00
    title Red Hat Enterprise 3 Kernel R128 DRI Limits Checking Vulnerability
    version 34
  • accepted 2007-04-25T19:52:58.430-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
    family unix
    id oval:org.mitre.oval:def:834
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Kernel R128 DRI Limits Checking Vulnerability
    version 36
  • accepted 2013-04-29T04:18:30.060-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
    family unix
    id oval:org.mitre.oval:def:9204
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
    version 24
redhat via4
advisories
  • rhsa
    id RHSA-2004:044
  • rhsa
    id RHSA-2004:065
  • rhsa
    id RHSA-2004:106
  • rhsa
    id RHSA-2004:166
refmap via4
bid 9570
ciac
  • O-082
  • O-121
  • O-126
  • O-127
  • O-145
confirm http://www.linuxcompatible.org/print25630.html
debian
  • DSA-479
  • DSA-480
  • DSA-481
  • DSA-482
  • DSA-489
  • DSA-491
  • DSA-495
mandrake MDKSA-2004:029
secunia
  • 10782
  • 10911
  • 10912
  • 11202
  • 11361
  • 11362
  • 11369
  • 11370
  • 11376
  • 11464
  • 11891
  • 12075
suse SuSE-SA:2004:005
turbo TLSA-2004-14
xf linux-r128-gain-priviliges(15029)
Last major update 21-08-2010 - 00:19
Published 03-03-2004 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top