Vulnerability Description
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.0 |
| Ubuntu | Ubuntu Linux | 4.1 |
References
- http://linux.bkbits.net:8080/linux-2.6/cset%401.2079
- http://linux.bkbits.net:8080/linux-2.6/gnupatch%4041ae6af1cR3mJYlW6D8EHxCKSxuJiQ
- http://marc.info/?l=bugtraq&m=110306397320336&w=2
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
- http://www.novell.com/linux/security/advisories/2004_44_kernel.html
- http://www.ussg.iu.edu/hypermail/linux/kernel/0411.3/1467.html
- http://linux.bkbits.net:8080/linux-2.6/cset%401.2079
- http://linux.bkbits.net:8080/linux-2.6/gnupatch%4041ae6af1cR3mJYlW6D8EHxCKSxuJiQ
- http://marc.info/?l=bugtraq&m=110306397320336&w=2
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
- http://www.novell.com/linux/security/advisories/2004_44_kernel.html
- http://www.ussg.iu.edu/hypermail/linux/kernel/0411.3/1467.html
FAQ
What is CVE-2004-1151?
CVE-2004-1151 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
How severe is CVE-2004-1151?
CVE-2004-1151 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1151?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Ubuntu Ubuntu Linux.