CVE-2004-1074

Current Description

The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.

Basic Data

PublishedJanuary 10, 2005
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score2.1
SeverityLOW
Exploitability Score3.9
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSLinuxLinux Kernel2.4.0*******
    2.3OSLinuxLinux Kernel2.4.0test1******
    2.3OSLinuxLinux Kernel2.4.0test10******
    2.3OSLinuxLinux Kernel2.4.0test11******
    2.3OSLinuxLinux Kernel2.4.0test12******
    2.3OSLinuxLinux Kernel2.4.0test2******
    2.3OSLinuxLinux Kernel2.4.0test3******
    2.3OSLinuxLinux Kernel2.4.0test4******
    2.3OSLinuxLinux Kernel2.4.0test5******
    2.3OSLinuxLinux Kernel2.4.0test6******
    2.3OSLinuxLinux Kernel2.4.0test7******
    2.3OSLinuxLinux Kernel2.4.0test8******
    2.3OSLinuxLinux Kernel2.4.0test9******
    2.3OSLinuxLinux Kernel2.4.1*******
    2.3OSLinuxLinux Kernel2.4.2*******
    2.3OSLinuxLinux Kernel2.4.3*******
    2.3OSLinuxLinux Kernel2.4.4*******
    2.3OSLinuxLinux Kernel2.4.5*******
    2.3OSLinuxLinux Kernel2.4.6*******
    2.3OSLinuxLinux Kernel2.4.7*******
    2.3OSLinuxLinux Kernel2.4.8*******
    2.3OSLinuxLinux Kernel2.4.9*******
    2.3OSLinuxLinux Kernel2.4.10*******
    2.3OSLinuxLinux Kernel2.4.11*******
    2.3OSLinuxLinux Kernel2.4.12*******
    2.3OSLinuxLinux Kernel2.4.13*******
    2.3OSLinuxLinux Kernel2.4.14*******
    2.3OSLinuxLinux Kernel2.4.15*******
    2.3OSLinuxLinux Kernel2.4.16*******
    2.3OSLinuxLinux Kernel2.4.17*******
    2.3OSLinuxLinux Kernel2.4.18*******
    2.3OSLinuxLinux Kernel2.4.18*x86*****
    2.3OSLinuxLinux Kernel2.4.18pre1******
    2.3OSLinuxLinux Kernel2.4.18pre2******
    2.3OSLinuxLinux Kernel2.4.18pre3******
    2.3OSLinuxLinux Kernel2.4.18pre4******
    2.3OSLinuxLinux Kernel2.4.18pre5******
    2.3OSLinuxLinux Kernel2.4.18pre6******
    2.3OSLinuxLinux Kernel2.4.18pre7******
    2.3OSLinuxLinux Kernel2.4.18pre8******
    2.3OSLinuxLinux Kernel2.4.19*******
    2.3OSLinuxLinux Kernel2.4.19pre1******
    2.3OSLinuxLinux Kernel2.4.19pre2******
    2.3OSLinuxLinux Kernel2.4.19pre3******
    2.3OSLinuxLinux Kernel2.4.19pre4******
    2.3OSLinuxLinux Kernel2.4.19pre5******
    2.3OSLinuxLinux Kernel2.4.19pre6******
    2.3OSLinuxLinux Kernel2.4.20*******
    2.3OSLinuxLinux Kernel2.4.21*******
    2.3OSLinuxLinux Kernel2.4.21pre1******
    2.3OSLinuxLinux Kernel2.4.21pre4******
    2.3OSLinuxLinux Kernel2.4.21pre7******
    2.3OSLinuxLinux Kernel2.4.22*******
    2.3OSLinuxLinux Kernel2.4.23*******
    2.3OSLinuxLinux Kernel2.4.23pre9******
    2.3OSLinuxLinux Kernel2.4.23_ow2*******
    2.3OSLinuxLinux Kernel2.4.24*******
    2.3OSLinuxLinux Kernel2.4.24_ow1*******
    2.3OSLinuxLinux Kernel2.4.25*******
    2.3OSLinuxLinux Kernel2.4.26*******
    2.3OSLinuxLinux Kernel2.4.27*******
    2.3OSLinuxLinux Kernel2.4.27pre1******
    2.3OSLinuxLinux Kernel2.4.27pre2******
    2.3OSLinuxLinux Kernel2.4.27pre3******
    2.3OSLinuxLinux Kernel2.4.27pre4******
    2.3OSLinuxLinux Kernel2.4.27pre5******
    2.3OSLinuxLinux Kernel2.6.0*******
    2.3OSLinuxLinux Kernel2.6.0test1******
    2.3OSLinuxLinux Kernel2.6.0test10******
    2.3OSLinuxLinux Kernel2.6.0test11******
    2.3OSLinuxLinux Kernel2.6.0test2******
    2.3OSLinuxLinux Kernel2.6.0test3******
    2.3OSLinuxLinux Kernel2.6.0test4******
    2.3OSLinuxLinux Kernel2.6.0test5******
    2.3OSLinuxLinux Kernel2.6.0test6******
    2.3OSLinuxLinux Kernel2.6.0test7******
    2.3OSLinuxLinux Kernel2.6.0test8******
    2.3OSLinuxLinux Kernel2.6.0test9******
    2.3OSLinuxLinux Kernel2.6.1*******
    2.3OSLinuxLinux Kernel2.6.1rc1******
    2.3OSLinuxLinux Kernel2.6.1rc2******
    2.3OSLinuxLinux Kernel2.6.2*******
    2.3OSLinuxLinux Kernel2.6.3*******
    2.3OSLinuxLinux Kernel2.6.4*******
    2.3OSLinuxLinux Kernel2.6.5*******
    2.3OSLinuxLinux Kernel2.6.6*******
    2.3OSLinuxLinux Kernel2.6.6rc1******
    2.3OSLinuxLinux Kernel2.6.7*******
    2.3OSLinuxLinux Kernel2.6.7rc1******
    2.3OSLinuxLinux Kernel2.6.8*******
    2.3OSLinuxLinux Kernel2.6.8rc1******
    2.3OSLinuxLinux Kernel2.6.8rc2******
    2.3OSLinuxLinux Kernel2.6.8rc3******
    2.3OSLinuxLinux Kernel2.6.92.6.20******
    2.3OSLinuxLinux Kernel2.6_test9_cvs*******
    2.3OSRedhatEnterprise Linux2.1*advanced_server*****
    2.3OSRedhatEnterprise Linux2.1*advanced_server_ia64*****
    2.3OSRedhatEnterprise Linux2.1*enterprise_server*****
    2.3OSRedhatEnterprise Linux2.1*enterprise_server_ia64*****
    2.3OSRedhatEnterprise Linux2.1*workstation*****
    2.3OSRedhatEnterprise Linux2.1*workstation_ia64*****
    2.3OSRedhatEnterprise Linux3.0*advanced_server*****
    2.3OSRedhatEnterprise Linux3.0*enterprise_server*****
    2.3OSRedhatEnterprise Linux3.0*workstation_server*****
    2.3OSRedhatEnterprise Linux Desktop3.0*******
    2.3OSRedhatFedora Corecore_2.0*******
    2.3OSRedhatFedora Corecore_3.0*******
    2.3OSRedhatLinux Advanced Workstation2.1*ia64*****
    2.3OSRedhatLinux Advanced Workstation2.1*itanium_processor*****
    2.3OSSuseSuse Linux1.0*desktop*****
    2.3OSSuseSuse Linux8*enterprise_server*****
    2.3OSSuseSuse Linux8.1*******
    2.3OSSuseSuse Linux8.2*******
    2.3OSSuseSuse Linux9.0*******
    2.3OSSuseSuse Linux9.0*enterprise_server*****
    2.3OSSuseSuse Linux9.0*x86_64*****
    2.3OSSuseSuse Linux9.1*******
    2.3OSSuseSuse Linux9.2*******
    2.3OSTrustixSecure Linux1.5*******
    2.3OSTrustixSecure Linux2.0*******
    2.3OSTrustixSecure Linux2.1*******
    2.3OSTrustixSecure Linux2.2*******
    2.3OSTurbolinuxTurbolinux Server10.0*******

Vulnerable Software List

This CVE contains no version information.

References

NameSourceURLTags
CLA-2005:930http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930CONECTIVA
20041216 [USN-39-1] Linux amd64 kernel vulnerabilityhttp://marc.info/?l=bugtraq&m=110322596918807&w=2BUGTRAQ
[linux-kernel] 20041111 a.out issuehttp://marc.info/?l=linux-kernel&m=110021173607372&w=2MLIST
20162http://secunia.com/advisories/20162SECUNIA
20163http://secunia.com/advisories/20163SECUNIA
20202http://secunia.com/advisories/20202SECUNIA
20338http://secunia.com/advisories/20338SECUNIA
DSA-1067http://www.debian.org/security/2006/dsa-1067DEBIAN
DSA-1069http://www.debian.org/security/2006/dsa-1069DEBIAN
DSA-1070http://www.debian.org/security/2006/dsa-1070DEBIAN
DSA-1082http://www.debian.org/security/2006/dsa-1082DEBIAN
MDKSA-2005:022http://www.mandriva.com/security/advisories?name=MDKSA-2005:022MANDRAKE
11754http://www.securityfocus.com/bid/11754BIDExploit Patch Vendor Advisory
2005-0001http://www.trustix.org/errata/2005/0001/TRUSTIX
FLSA:2336https://bugzilla.fedora.us/show_bug.cgi?id=2336FEDORA
linux-aout-binary-dos(18290)https://exchange.xforce.ibmcloud.com/vulnerabilities/18290XF
oval:org.mitre.oval:def:9751https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751OVAL