CERTA-2004-AVI-042

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Il a été reporté qu'une nouvelle vulnérabilité présente dans l'appel système mremap du noyau Linux pourrait être exploitée par un utilisateur mal intentionné afin d'obtenir les privilèges du super-utilisateur root ou réaliser un déni de service par arrêt brutal du système.

Cet appel système ne nécessitant pas de privilèges particuliers, n'importe quel utilisateur peut tenter d'exploiter cette faille.

Bien que similaire à la vulnérabilité présente dans l'avis CERTA-2004-AVI-002, il s'agit bien d'un nouveau problème de sécurité.

Solution

Les versions 2.4.25 et 2.6.3 du noyau Linux corrigent cette vulnérabilité.

None
Impacted products
Vendor Product Description
N/A N/A Linux 2.6.2 et versions antérieures.
N/A N/A Linux 2.4.24 et versions antérieures ;
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Linux 2.6.2 et versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Linux 2.4.24 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nIl a \u00e9t\u00e9 report\u00e9 qu\u0027une nouvelle vuln\u00e9rabilit\u00e9 pr\u00e9sente dans l\u0027appel\nsyst\u00e8me mremap du noyau Linux pourrait \u00eatre exploit\u00e9e par un utilisateur\nmal intentionn\u00e9 afin d\u0027obtenir les privil\u00e8ges du super-utilisateur root\nou r\u00e9aliser un d\u00e9ni de service par arr\u00eat brutal du syst\u00e8me.\n\nCet appel syst\u00e8me ne n\u00e9cessitant pas de privil\u00e8ges particuliers,\nn\u0027importe quel utilisateur peut tenter d\u0027exploiter cette faille.\n\nBien que similaire \u00e0 la vuln\u00e9rabilit\u00e9 pr\u00e9sente dans l\u0027avis\nCERTA-2004-AVI-002, il s\u0027agit bien d\u0027un nouveau probl\u00e8me de s\u00e9curit\u00e9.\n\n## Solution\n\nLes versions 2.4.25 et 2.6.3 du noyau Linux corrigent cette\nvuln\u00e9rabilit\u00e9.\n",
  "cves": [],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SSA:2004-049-01 de Slackware :",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.541911"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :",
      "url": "http://www.debian.org/security/2004/dsa-441"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 GLSA 200403-02 de Gentoo :",
      "url": "http://www.securityfocus.com/advisories/6428"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :",
      "url": "http://www.debian.org/security/2004/dsa-442"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de VMware pour ESX Server 2.0 :",
      "url": "http://www.vmware.com/download/esx/esx20-7483update.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RHSA-2004:065 de Red Hat :",
      "url": "http://rhn.redhat.com/errata/RHSA-2004-065.html"
    },
    {
      "title": "Sources du noyau Linux :",
      "url": "http://www.kernel.org"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :",
      "url": "http://www.debian.org/security/2004/dsa-439"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SmoothWall :",
      "url": "http://www.smoothwall.org/security/advisories/SWP-2004.002.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :",
      "url": "http://www.debian.org/security/2004/dsa-440"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :",
      "url": "http://www.debian.org/security/2004/dsa-438"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de VMware pour ESX Server 2.0.1 :",
      "url": "http://www.vmware.com/download/esx/esx201-7427update.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE-SA:2004:005 de SuSE :",
      "url": "http://www.suse.com/de/security/2004_05_linux_kernel.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de VMware pour ESX Server 1.5.2 :",
      "url": "http://www.vmware.com/download/esx/esx152-7428update.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :",
      "url": "http://www.debian.org/security/2004/dsa-470"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandrake MDKSA-2004:015 :",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:015"
    }
  ],
  "reference": "CERTA-2004-AVI-042",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-02-18T00:00:00.000000"
    },
    {
      "description": "Ajout r\u00e9f\u00e9rences aux bulletins SuSE-SA:2004:005 et DSA-442.",
      "revision_date": "2004-02-20T00:00:00.000000"
    },
    {
      "description": "Ajout r\u00e9f\u00e9rence au bulletin Mandrake MDKSA-2004:015.",
      "revision_date": "2004-02-25T00:00:00.000000"
    },
    {
      "description": "Ajout r\u00e9f\u00e9rence au bulletin SmoothWall SWP-2004.002.",
      "revision_date": "2004-02-27T00:00:00.000000"
    },
    {
      "description": "Ajout r\u00e9f\u00e9rences aux bulletins Debian DSA-470 et Gentoo GLSA 200403-02.",
      "revision_date": "2004-04-05T00:00:00.000000"
    },
    {
      "description": "Ajout r\u00e9f\u00e9rences aux bulletins de VMware pour ESX Server.",
      "revision_date": "2004-04-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 du noyau linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 isec-0014-mremap-unmap d\u0027Isec",
      "url": "http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.