Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0415

6 documents6 sources
Severity
2.1LOW
EPSS
0.3%
top 46.76%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Linux Linux KernelRedhat Fedora CoreTrustix Secure Linux
Timeline
PublishedNov 23
Latest updateMay 3

Description

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

NVDlinux/linux_kernel38 versions+37
NVDtrustix/secure_linux2.0, 2.1+1
NVDredhat/fedora_corecore_1.0

Patches

Patch: www.redhat.comPatch: www.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-j85x-jfqv-fm5r: Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory2022-05-03
CVEList
CVE-2004-0415: Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory2004-08-05

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure2004-08-04

📋Vendor Advisories

1
Red Hat
security flaw2004-08-03

💬Community

1
Bugzilla
CVE-2004-0415 security flaw2018-08-16
CVE-2004-0415 (LOW CVSS 2.1) | Linux kernel does not properly conv | cvebase.io