CVE-2004-1057

Current Description

Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.

Basic Data

PublishedJanuary 21, 2005
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score7.2
SeverityHIGH
Exploitability Score3.9
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel2.0*******
    2.3OSLinuxLinux Kernel2.0.1*******
    2.3OSLinuxLinux Kernel2.0.2*******
    2.3OSLinuxLinux Kernel2.0.3*******
    2.3OSLinuxLinux Kernel2.0.4*******
    2.3OSLinuxLinux Kernel2.0.5*******
    2.3OSLinuxLinux Kernel2.0.6*******
    2.3OSLinuxLinux Kernel2.0.7*******
    2.3OSLinuxLinux Kernel2.0.8*******
    2.3OSLinuxLinux Kernel2.0.9*******
    2.3OSLinuxLinux Kernel2.0.9.9*******
    2.3OSLinuxLinux Kernel2.0.10*******
    2.3OSLinuxLinux Kernel2.0.11*******
    2.3OSLinuxLinux Kernel2.0.12*******
    2.3OSLinuxLinux Kernel2.0.13*******
    2.3OSLinuxLinux Kernel2.0.14*******
    2.3OSLinuxLinux Kernel2.0.15*******
    2.3OSLinuxLinux Kernel2.0.16*******
    2.3OSLinuxLinux Kernel2.0.17*******
    2.3OSLinuxLinux Kernel2.0.18*******
    2.3OSLinuxLinux Kernel2.0.19*******
    2.3OSLinuxLinux Kernel2.0.20*******
    2.3OSLinuxLinux Kernel2.0.21*******
    2.3OSLinuxLinux Kernel2.0.22*******
    2.3OSLinuxLinux Kernel2.0.23*******
    2.3OSLinuxLinux Kernel2.0.24*******
    2.3OSLinuxLinux Kernel2.0.25*******
    2.3OSLinuxLinux Kernel2.0.26*******
    2.3OSLinuxLinux Kernel2.0.27*******
    2.3OSLinuxLinux Kernel2.0.28*******
    2.3OSLinuxLinux Kernel2.0.29*******
    2.3OSLinuxLinux Kernel2.0.30*******
    2.3OSLinuxLinux Kernel2.0.31*******
    2.3OSLinuxLinux Kernel2.0.32*******
    2.3OSLinuxLinux Kernel2.0.33*******
    2.3OSLinuxLinux Kernel2.0.34*******
    2.3OSLinuxLinux Kernel2.0.35*******
    2.3OSLinuxLinux Kernel2.0.36*******
    2.3OSLinuxLinux Kernel2.0.37*******
    2.3OSLinuxLinux Kernel2.0.38*******
    2.3OSLinuxLinux Kernel2.0.39*******
    2.3OSLinuxLinux Kernel2.1*******
    2.3OSLinuxLinux Kernel2.1.89*******
    2.3OSLinuxLinux Kernel2.2.0*******
    2.3OSLinuxLinux Kernel2.2.1*******
    2.3OSLinuxLinux Kernel2.2.2*******
    2.3OSLinuxLinux Kernel2.2.3*******
    2.3OSLinuxLinux Kernel2.2.4*******
    2.3OSLinuxLinux Kernel2.2.5*******
    2.3OSLinuxLinux Kernel2.2.6*******
    2.3OSLinuxLinux Kernel2.2.7*******
    2.3OSLinuxLinux Kernel2.2.8*******
    2.3OSLinuxLinux Kernel2.2.9*******
    2.3OSLinuxLinux Kernel2.2.10*******
    2.3OSLinuxLinux Kernel2.2.11*******
    2.3OSLinuxLinux Kernel2.2.12*******
    2.3OSLinuxLinux Kernel2.2.13*******
    2.3OSLinuxLinux Kernel2.2.14*******
    2.3OSLinuxLinux Kernel2.2.15*******
    2.3OSLinuxLinux Kernel2.2.15pre16******
    2.3OSLinuxLinux Kernel2.2.15_pre20*******
    2.3OSLinuxLinux Kernel2.2.16*******
    2.3OSLinuxLinux Kernel2.2.16pre6******
    2.3OSLinuxLinux Kernel2.2.17*******
    2.3OSLinuxLinux Kernel2.2.18*******
    2.3OSLinuxLinux Kernel2.2.19*******
    2.3OSLinuxLinux Kernel2.2.20*******
    2.3OSLinuxLinux Kernel2.2.21*******
    2.3OSLinuxLinux Kernel2.2.22*******
    2.3OSLinuxLinux Kernel2.2.23*******
    2.3OSLinuxLinux Kernel2.2.24*******
    2.3OSLinuxLinux Kernel2.2.25*******
    2.3OSLinuxLinux Kernel2.2.27rc2******
    2.3OSLinuxLinux Kernel2.3.0*******
    2.3OSLinuxLinux Kernel2.3.99*******
    2.3OSLinuxLinux Kernel2.3.99pre1******
    2.3OSLinuxLinux Kernel2.3.99pre2******
    2.3OSLinuxLinux Kernel2.3.99pre3******
    2.3OSLinuxLinux Kernel2.3.99pre4******
    2.3OSLinuxLinux Kernel2.3.99pre5******
    2.3OSLinuxLinux Kernel2.3.99pre6******
    2.3OSLinuxLinux Kernel2.3.99pre7******
    2.3OSLinuxLinux Kernel2.4.0*******
    2.3OSLinuxLinux Kernel2.4.0test1******
    2.3OSLinuxLinux Kernel2.4.0test10******
    2.3OSLinuxLinux Kernel2.4.0test11******
    2.3OSLinuxLinux Kernel2.4.0test12******
    2.3OSLinuxLinux Kernel2.4.0test2******
    2.3OSLinuxLinux Kernel2.4.0test3******
    2.3OSLinuxLinux Kernel2.4.0test4******
    2.3OSLinuxLinux Kernel2.4.0test5******
    2.3OSLinuxLinux Kernel2.4.0test6******
    2.3OSLinuxLinux Kernel2.4.0test7******
    2.3OSLinuxLinux Kernel2.4.0test8******
    2.3OSLinuxLinux Kernel2.4.0test9******
    2.3OSLinuxLinux Kernel2.4.1*******
    2.3OSLinuxLinux Kernel2.4.10*******
    2.3OSLinuxLinux Kernel2.4.11*******
    2.3OSLinuxLinux Kernel2.4.12*******
    2.3OSLinuxLinux Kernel2.4.13*******
    2.3OSLinuxLinux Kernel2.4.14*******
    2.3OSLinuxLinux Kernel2.4.15*******
    2.3OSLinuxLinux Kernel2.4.16*******
    2.3OSLinuxLinux Kernel2.4.17*******
    2.3OSLinuxLinux Kernel2.4.18*******
    2.3OSLinuxLinux Kernel2.4.18*x86*****
    2.3OSLinuxLinux Kernel2.4.18pre1******
    2.3OSLinuxLinux Kernel2.4.18pre2******
    2.3OSLinuxLinux Kernel2.4.18pre3******
    2.3OSLinuxLinux Kernel2.4.18pre4******
    2.3OSLinuxLinux Kernel2.4.18pre5******
    2.3OSLinuxLinux Kernel2.4.18pre6******
    2.3OSLinuxLinux Kernel2.4.18pre7******
    2.3OSLinuxLinux Kernel2.4.18pre8******
    2.3OSLinuxLinux Kernel********2.4.19
    2.3OSLinuxLinux Kernel2.4.19pre1******
    2.3OSLinuxLinux Kernel2.4.19pre2******
    2.3OSLinuxLinux Kernel2.4.19pre3******
    2.3OSLinuxLinux Kernel2.4.19pre4******
    2.3OSLinuxLinux Kernel2.4.19pre5******
    2.3OSLinuxLinux Kernel2.4.19pre6******
    2.3OSLinuxLinux Kernel2.6.20.1*******
    2.3OSRedhatEnterprise Linux2.1*advanced_server*****
    2.3OSRedhatEnterprise Linux2.1*advanced_server_ia64*****
    2.3OSRedhatEnterprise Linux2.1*enterprise_server*****
    2.3OSRedhatEnterprise Linux2.1*enterprise_server_ia64*****
    2.3OSRedhatEnterprise Linux2.1*workstation*****
    2.3OSRedhatEnterprise Linux2.1*workstation_ia64*****
    2.3OSRedhatEnterprise Linux3.0*advanced_servers*****
    2.3OSRedhatEnterprise Linux3.0*enterprise_server*****
    2.3OSRedhatEnterprise Linux3.0*workstation*****
    2.3OSRedhatEnterprise Linux4.0*advanced_server*****
    2.3OSRedhatEnterprise Linux4.0*enterprise_server*****
    2.3OSRedhatEnterprise Linux4.0*workstation*****

Vulnerable Software List

VendorProductVersions
Redhat Enterprise Linux 2.1, 3.0, 4.0
Linux Linux Kernel *, 2.0, 2.0.1, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.2, 2.0.20, 2.0.21, 2.0.22, 2.0.23, 2.0.24, 2.0.25, 2.0.26, 2.0.27, 2.0.28, 2.0.29, 2.0.3, 2.0.30, 2.0.31, 2.0.32, 2.0.33, 2.0.34, 2.0.35, 2.0.36, 2.0.37, 2.0.38, 2.0.39, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.9.9, 2.1, 2.1.89, 2.2.0, 2.2.1, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.2.15, 2.2.15_pre20, 2.2.16, 2.2.17, 2.2.18, 2.2.19, 2.2.2, 2.2.20, 2.2.21, 2.2.22, 2.2.23, 2.2.24, 2.2.25, 2.2.27, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.3.0, 2.3.99, 2.4.0, 2.4.1, 2.4.10, 2.4.11, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, 2.4.18, 2.4.19, 2.6.20.1

References

NameSourceURLTags
18562http://secunia.com/advisories/18562SECUNIA
http://www.kernel.org/pub/linux/kernel/people/andrea/kernels/v2.4/2.4.23aa3/00_VM_IO-4http://www.kernel.org/pub/linux/kernel/people/andrea/kernels/v2.4/2.4.23aa3/00_VM_IO-4MISC
RHSA-2005:016http://www.redhat.com/support/errata/RHSA-2005-016.htmlREDHATPatch Vendor Advisory
RHSA-2005:017http://www.redhat.com/support/errata/RHSA-2005-017.htmlREDHAT
RHSA-2006:0140http://www.redhat.com/support/errata/RHSA-2006-0140.htmlREDHAT
12338http://www.securityfocus.com/bid/12338BID
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137821https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137821CONFIRMPatch Vendor Advisory
linux-kernel-vmio-dos(19275)https://exchange.xforce.ibmcloud.com/vulnerabilities/19275XF
oval:org.mitre.oval:def:11474https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11474OVAL