Vulnerability Description
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Avaya | Converged Communications Server | 2.0 |
| Avaya | Modular Messaging Message Storage Server | s3400 |
| Gentoo | Linux | 1.4 |
| Linux | Linux Kernel | 2.4.18 |
| Redhat | Enterprise Linux | 2.1 |
| Suse | Suse Linux | 7 |
| Avaya | Intuity Audix | All versions |
| Suse | Suse Email Server | 3.1 |
| Suse | Suse Linux Admin-Cd For Firewall | All versions |
| Suse | Suse Linux Connectivity Server | All versions |
| Suse | Suse Linux Database Server | All versions |
| Suse | Suse Linux Firewall Cd | All versions |
| Suse | Suse Linux Office Server | All versions |
| Suse | Suse Office Server | All versions |
| Avaya | S8300 | r2.0.0 |
| Avaya | S8500 | r2.0.0 |
| Avaya | S8700 | r2.0.0 |
| Conectiva | Linux | 8.0 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
- http://lwn.net/Articles/91155/
- http://security.gentoo.org/glsa/glsa-200407-02.xmlVendor Advisory
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066
- http://www.novell.com/linux/security/advisories/2004_20_kernel.html
- http://www.redhat.com/support/errata/RHSA-2004-255.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-260.html
- http://www.securityfocus.com/bid/10566PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16449
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
- http://lwn.net/Articles/91155/
FAQ
What is CVE-2004-0495?
CVE-2004-0495 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
How severe is CVE-2004-0495?
CVE-2004-0495 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0495?
Check the references section above for vendor advisories and patch information. Affected products include: Avaya Converged Communications Server, Avaya Modular Messaging Message Storage Server, Gentoo Linux, Linux Linux Kernel, Redhat Enterprise Linux.