Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1335

6 documents6 sources

Severity

2.1LOW

EPSS

0.3%

top 47.61%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Linux Linux Kernel Redhat Fedora Core Redhat Linux

Timeline

PublishedDec 15

Latest updateApr 29

Description

Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶NVDlinux/linux_kernel43 versions+42

▶NVDredhat/linux7.3, 9.0+1

▶NVDredhat/fedora_corecore_1.0, core_2.0, core_3.0+2

Patches

Patch: www.guninski.com ↗Patch: www.securityfocus.com ↗Patch: www.securitytrap.com ↗

🔴Vulnerability Details

GHSA

GHSA-2j6m-xqr4-h89h: Memory leak in the ip_options_get function in the Linux kernel before 2↗2022-04-29

▶

CVEList

CVE-2004-1335: Memory leak in the ip_options_get function in the Linux kernel before 2↗2005-01-06

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel 2.4.28/2.6.9 - 'ip_options_get' Local Overflow↗2004-12-16

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-12-08

▶

💬Community

Bugzilla

CVE-2004-1335 security flaw↗2018-08-16

▶