NVD Vulnerability Detail

CVE-2004-0427

Summary	The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
Publication Date	July 7, 2004, 1 p.m.
Registration Date	Jan. 29, 2021, 6 p.m.
Last Update	Jan. 27, 2024, 3:56 a.m.

CVSS2.0 : LOW
Score	2.1
Vector	AV:L/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::	2.4.0			2.4.26
cpe:2.3:o:linux:linux_kernel::::::::	2.6.0			2.6.6

Related information, measures and tools

No	URL	refsource	タグ
1	ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc	SGI	Broken Link Patch Vendor Advisory
2	ftp://patches.sgi.com/support/free/security/advisories/20040505-01-U.asc	SGI	Broken Link Patch Vendor Advisory
3	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846	CONECTIVA	Broken Link
4	http://fedoranews.org/updates/FEDORA-2004-111.shtml	FEDORA	Third Party Advisory
5	http://security.gentoo.org/glsa/glsa-200407-02.xml	GENTOO	Broken Link
6	http://www.novell.com/linux/security/advisories/2004_10_kernel.html	SUSE	Broken Link
7	http://www.redhat.com/support/errata/RHSA-2004-255.html	REDHAT	Broken Link
8	http://www.redhat.com/support/errata/RHSA-2004-260.html	REDHAT	Broken Link
9	http://www.redhat.com/support/errata/RHSA-2004-327.html	REDHAT	Broken Link
10	http://www.turbolinux.com/security/2004/TLSA-2004-14.txt	TURBO	Broken Link
11	http://www.ciac.org/ciac/bulletins/o-164.shtml	CIAC	Broken Link
12	http://www.securityfocus.com/bid/10221	BID	Broken Link Third Party Advisory VDB Entry
13	http://secunia.com/advisories/11429	SECUNIA	Broken Link
14	http://secunia.com/advisories/11464	SECUNIA	Broken Link
15	http://secunia.com/advisories/11486	SECUNIA	Broken Link
16	http://secunia.com/advisories/11541	SECUNIA	Broken Link
17	http://secunia.com/advisories/11861	SECUNIA	Broken Link
18	http://secunia.com/advisories/11891	SECUNIA	Broken Link
19	http://secunia.com/advisories/11892	SECUNIA	Broken Link
20	http://www.debian.org/security/2006/dsa-1070	DEBIAN	Broken Link
21	http://www.debian.org/security/2006/dsa-1067	DEBIAN	Broken Link
22	http://www.debian.org/security/2006/dsa-1069	DEBIAN	Broken Link
23	http://secunia.com/advisories/20162	SECUNIA	Broken Link
24	http://secunia.com/advisories/20163	SECUNIA	Broken Link
25	http://secunia.com/advisories/20202	SECUNIA	Broken Link
26	http://www.debian.org/security/2006/dsa-1082	DEBIAN	Broken Link
27	http://secunia.com/advisories/20338	SECUNIA	Third Party Advisory
28	http://www.mandriva.com/security/advisories?name=MDKSA-2004:037	MANDRAKE	Third Party Advisory
29	http://marc.info/?l=linux-kernel&m=108139073506983&w=2	MLIST	Mailing List Third Party Advisory
30	https://exchange.xforce.ibmcloud.com/vulnerabilities/16002	XF	Third Party Advisory VDB Entry
31	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2819	OVAL	Broken Link
32	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10297	OVAL	Broken Link
33	http://linux.bkbits.net:8080/linux-2.6/cset%40407b1217x4jtqEkpFW2g_-RcF0726A		Broken Link
34	http://linux.bkbits.net:8080/linux-2.4/cset%40407bf20eDeeejm8t36_tpvSE-8EFHA		Broken Link

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-401	有効期限後のメモリの解放の欠如	https://cwe.mitre.org/data/definitions/401.html