Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1983

4 documents4 sources
Severity
2.1LOW
EPSS
0.2%
top 56.43%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Gentoo LinuxTHE PAX Team PAX Linux
Timeline
PublishedMay 2
Latest updateApr 29

Description

The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDgentoo/linux1.4

Patches

Patch: pax.grsecurity.netPatch: www.securityfocus.comPatch: pax.grsecurity.net

🔴Vulnerability Details

2
GHSA
GHSA-8mvh-8fhc-49qf: The arch_get_unmapped_area function in mmap2022-04-29
CVEList
CVE-2004-1983: The arch_get_unmapped_area function in mmap2005-05-10

💥Exploits & PoCs

1
Exploit-DB
PaX 2.6 Kernel Patch - Denial of Service2004-05-03