CVE-2004-1016

Current Description

The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.

Basic Data

PublishedJanuary 10, 2005
Last ModifiedMay 03, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel2.4.0*******
    2.3OSLinuxLinux Kernel2.4.0test1******
    2.3OSLinuxLinux Kernel2.4.0test10******
    2.3OSLinuxLinux Kernel2.4.0test11******
    2.3OSLinuxLinux Kernel2.4.0test12******
    2.3OSLinuxLinux Kernel2.4.0test2******
    2.3OSLinuxLinux Kernel2.4.0test3******
    2.3OSLinuxLinux Kernel2.4.0test4******
    2.3OSLinuxLinux Kernel2.4.0test5******
    2.3OSLinuxLinux Kernel2.4.0test6******
    2.3OSLinuxLinux Kernel2.4.0test7******
    2.3OSLinuxLinux Kernel2.4.0test8******
    2.3OSLinuxLinux Kernel2.4.0test9******
    2.3OSLinuxLinux Kernel2.4.1*******
    2.3OSLinuxLinux Kernel2.4.2*******
    2.3OSLinuxLinux Kernel2.4.3*******
    2.3OSLinuxLinux Kernel2.4.4*******
    2.3OSLinuxLinux Kernel2.4.5*******
    2.3OSLinuxLinux Kernel2.4.6*******
    2.3OSLinuxLinux Kernel2.4.7*******
    2.3OSLinuxLinux Kernel2.4.8*******
    2.3OSLinuxLinux Kernel2.4.9*******
    2.3OSLinuxLinux Kernel2.4.10*******
    2.3OSLinuxLinux Kernel2.4.11*******
    2.3OSLinuxLinux Kernel2.4.12*******
    2.3OSLinuxLinux Kernel2.4.13*******
    2.3OSLinuxLinux Kernel2.4.14*******
    2.3OSLinuxLinux Kernel2.4.15*******
    2.3OSLinuxLinux Kernel2.4.16*******
    2.3OSLinuxLinux Kernel2.4.17*******
    2.3OSLinuxLinux Kernel2.4.18*******
    2.3OSLinuxLinux Kernel2.4.18*x86*****
    2.3OSLinuxLinux Kernel2.4.18pre1******
    2.3OSLinuxLinux Kernel2.4.18pre2******
    2.3OSLinuxLinux Kernel2.4.18pre3******
    2.3OSLinuxLinux Kernel2.4.18pre4******
    2.3OSLinuxLinux Kernel2.4.18pre5******
    2.3OSLinuxLinux Kernel2.4.18pre6******
    2.3OSLinuxLinux Kernel2.4.18pre7******
    2.3OSLinuxLinux Kernel2.4.18pre8******
    2.3OSLinuxLinux Kernel2.4.19*******
    2.3OSLinuxLinux Kernel2.4.19pre1******
    2.3OSLinuxLinux Kernel2.4.19pre2******
    2.3OSLinuxLinux Kernel2.4.19pre3******
    2.3OSLinuxLinux Kernel2.4.19pre4******
    2.3OSLinuxLinux Kernel2.4.19pre5******
    2.3OSLinuxLinux Kernel2.4.19pre6******
    2.3OSLinuxLinux Kernel2.4.20*******
    2.3OSLinuxLinux Kernel2.4.21*******
    2.3OSLinuxLinux Kernel2.4.21pre1******
    2.3OSLinuxLinux Kernel2.4.21pre4******
    2.3OSLinuxLinux Kernel2.4.21pre7******
    2.3OSLinuxLinux Kernel2.4.22*******
    2.3OSLinuxLinux Kernel2.4.23*******
    2.3OSLinuxLinux Kernel2.4.23pre9******
    2.3OSLinuxLinux Kernel2.4.23_ow2*******
    2.3OSLinuxLinux Kernel2.4.24*******
    2.3OSLinuxLinux Kernel2.4.24_ow1*******
    2.3OSLinuxLinux Kernel2.4.25*******
    2.3OSLinuxLinux Kernel2.4.26*******
    2.3OSLinuxLinux Kernel2.4.27*******
    2.3OSLinuxLinux Kernel2.4.27pre1******
    2.3OSLinuxLinux Kernel2.4.27pre2******
    2.3OSLinuxLinux Kernel2.4.27pre3******
    2.3OSLinuxLinux Kernel2.4.27pre4******
    2.3OSLinuxLinux Kernel2.4.27pre5******
    2.3OSLinuxLinux Kernel2.4.28*******
    2.3OSLinuxLinux Kernel2.6.0*******
    2.3OSLinuxLinux Kernel2.6.0test1******
    2.3OSLinuxLinux Kernel2.6.0test10******
    2.3OSLinuxLinux Kernel2.6.0test11******
    2.3OSLinuxLinux Kernel2.6.0test2******
    2.3OSLinuxLinux Kernel2.6.0test3******
    2.3OSLinuxLinux Kernel2.6.0test4******
    2.3OSLinuxLinux Kernel2.6.0test5******
    2.3OSLinuxLinux Kernel2.6.0test6******
    2.3OSLinuxLinux Kernel2.6.0test7******
    2.3OSLinuxLinux Kernel2.6.0test8******
    2.3OSLinuxLinux Kernel2.6.0test9******
    2.3OSLinuxLinux Kernel2.6.1*******
    2.3OSLinuxLinux Kernel2.6.1rc1******
    2.3OSLinuxLinux Kernel2.6.1rc2******
    2.3OSLinuxLinux Kernel2.6.2*******
    2.3OSLinuxLinux Kernel2.6.3*******
    2.3OSLinuxLinux Kernel2.6.4*******
    2.3OSLinuxLinux Kernel2.6.5*******
    2.3OSLinuxLinux Kernel2.6.6*******
    2.3OSLinuxLinux Kernel2.6.6rc1******
    2.3OSLinuxLinux Kernel2.6.7*******
    2.3OSLinuxLinux Kernel2.6.7rc1******
    2.3OSLinuxLinux Kernel2.6.8*******
    2.3OSLinuxLinux Kernel2.6.8rc1******
    2.3OSLinuxLinux Kernel2.6.8rc2******
    2.3OSLinuxLinux Kernel2.6.8rc3******
    2.3OSLinuxLinux Kernel2.6.92.6.20******
    2.3OSLinuxLinux Kernel2.6_test9_cvs*******
    2.3OSUbuntuUbuntu Linux4.1*ia64*****
    2.3OSUbuntuUbuntu Linux4.1*ppc*****

Vulnerable Software List

VendorProductVersions
Ubuntu Ubuntu Linux 4.1
Linux Linux Kernel 2.4.0, 2.4.1, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.4.2, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.23_ow2, 2.4.24, 2.4.24_ow1, 2.4.25, 2.4.26, 2.4.27, 2.4.28, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6_test9_cvs

References

NameSourceURLTags
http://isec.pl/vulnerabilities/isec-0019-scm.txthttp://isec.pl/vulnerabilities/isec-0019-scm.txtMISC
20162http://secunia.com/advisories/20162SECUNIA
20163http://secunia.com/advisories/20163SECUNIA
20202http://secunia.com/advisories/20202SECUNIA
20338http://secunia.com/advisories/20338SECUNIA
DSA-1067http://www.debian.org/security/2006/dsa-1067DEBIAN
DSA-1069http://www.debian.org/security/2006/dsa-1069DEBIAN
DSA-1070http://www.debian.org/security/2006/dsa-1070DEBIAN
DSA-1082http://www.debian.org/security/2006/dsa-1082DEBIAN
MDKSA-2005:022http://www.mandriva.com/security/advisories?name=MDKSA-2005:022MANDRAKE
SUSE-SA:2004:044http://www.novell.com/linux/security/advisories/2004_44_kernel.htmlSUSE
RHSA-2004:689http://www.redhat.com/support/errata/RHSA-2004-689.htmlREDHAT
RHSA-2005:016http://www.redhat.com/support/errata/RHSA-2005-016.htmlREDHAT
RHSA-2005:017http://www.redhat.com/support/errata/RHSA-2005-017.htmlREDHAT
11921http://www.securityfocus.com/bid/11921BIDExploit Patch Vendor Advisory
FLSA:2336https://bugzilla.fedora.us/show_bug.cgi?id=2336FEDORA
linux-scmsend-dos(18483)https://exchange.xforce.ibmcloud.com/vulnerabilities/18483XF
oval:org.mitre.oval:def:11816https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11816OVAL
USN-38-1https://www.ubuntu.com/usn/usn-38-1/UBUNTU