[email protected]CVE-2004-2302

HistoryAug 08, 2005 - 4:00 a.m.

CVE-2004-2302

2005-08-0804:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2302

linux kernel

sysfs

race condition

denial of service

memory read

nvd

2.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:N/A:P

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.6%

JSON

Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.

Affected configurations

NVD

Node

linuxlinux_kernelMatch2.6.10

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.10

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.10

References

kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.10-rc1/2.6.10-rc1-mm1/broken-out/fix-race-in-sysfs_read_file-and-sysfs_write_file.patch

linux.bkbits.net:8080/linux-2.6/cset%404186a4deVoR88JjTwMa3ZnIp-_YJsA

secunia.com/advisories/17826

secunia.com/advisories/18056

www.debian.org/security/2005/dsa-922

www.mandriva.com/security/advisories?name=MDKSA-2005:218

www.mandriva.com/security/advisories?name=MDKSA-2005:219

www.novell.com/linux/security/advisories/2005_44_kernel.html

www.securityfocus.com/bid/13091

2.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:N/A:P

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.6%

JSON

Related for CVE-2004-2302

cvelist1 nvd1 suse1 securityvulns2 debian2 nessus2 openvas2 osv1