Vulnerability Description
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.0 |
| Redhat | Enterprise Linux | 3.0 |
References
- http://linux.bkbits.net:8080/linux-2.4/cset%403fdd54b3u9Eq0Wny2Nn1HGfI3pofOQ
- http://linux.bkbits.net:8080/linux-2.6/cset%403ffcf122S7e3xPZCpibrXq6KRRjwqw
- http://www.redhat.com/support/errata/RHSA-2004-017.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://linux.bkbits.net:8080/linux-2.4/cset%403fdd54b3u9Eq0Wny2Nn1HGfI3pofOQ
- http://linux.bkbits.net:8080/linux-2.6/cset%403ffcf122S7e3xPZCpibrXq6KRRjwqw
- http://www.redhat.com/support/errata/RHSA-2004-017.htmlPatchVendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0986?
CVE-2003-0986 is a vulnerability with a CVSS score of 1.7 (LOW). Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which cro...
How severe is CVE-2003-0986?
CVE-2003-0986 has been rated LOW with a CVSS base score of 1.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0986?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux.