CVE-2004-0491 — Redhat Enterprise Linux vulnerability

6 documents4 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 71.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise Linux

Timeline

PublishedDec 31

Latest updateMay 3

Description

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages0 packages

Also affects: Enterprise Linux 3.0

🔴Vulnerability Details

GHSA

GHSA-f79w-jc47-24f4: The linux-2↗2022-05-03

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-06-21

▶

💬Community

Bugzilla

CVE-2004-0491 security flaw↗2018-08-16

▶

Bugzilla

Multiple Kernel vulnerabilities↗2005-05-11

▶

Bugzilla

CVE-2004-0491 mlock accounting issue↗2004-06-21

▶