Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0077

9 documents6 sources

Severity

7.2HIGH

EPSS

0.1%

top 70.52%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Linux Linux Kernel Netwosix Netwosix Linux Redhat Bigmem Kernel +4 more

Timeline

PublishedMar 3

Latest updateApr 29

Description

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages7 packages

▶NVDlinux/linux_kernel55 versions+54

▶NVDtrustix/secure_linux1.5, 2.0+1

▶NVDnetwosix/netwosix_linux1.0

▶NVDredhat/kernel2.4.20-8

▶NVDredhat/kernel_doc2.4.20-8

Patches

Patch: security.gentoo.org ↗Patch: www.debian.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-pm7j-3492-hq9m: The do_mremap function for the mremap system call in Linux 2↗2022-04-29

▶

CVEList

CVE-2004-0077: The do_mremap function for the mremap system call in Linux 2↗2004-09-01

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Local Privilege Escalation↗2004-03-01

▶

Exploit-DB

Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Validator↗2004-02-18

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-02-18

▶

Red Hat

security flaw↗2004-01-05

▶

💬Community

Bugzilla

CVE-2004-0077 security flaw↗2018-08-16

▶

Bugzilla

CVE-2003-0985 security flaw↗2018-08-16

▶