CVE-2004-0427 — Vulnetix

Try Vulnetix Request Demo

CVE-2004-0427 PUBLISHED CVSS 2.0999999046325684 LOW

The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.

EPSS 0.16% · 37.2th percentile

Risk Scores

CVSS v2.0

2.0999999046325684

EPSS Score

0.16%

37.2th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	2.4.0, 2.6.0
n/a	n/a	n/a

Timeline

Apr 30, 2004 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://secunia.com/advisories/11429 technical
20163 third-party-advisory
RHSA-2004:327 vendor-advisory
11464 third-party-advisory
http://linux.bkbits.net:8080/linux-2.6/cset%40407b1217x4jtqEkpFW2g_-RcF0726A url
linux-dofork-memory-leak(16002) vdb
DSA-1082 vendor-advisory
RHSA-2004:255 vendor-advisory
FEDORA-2004-111 vendor-advisory
11861 third-party-advisory
[linux-kernel] 20040408 [PATCH]: 2.4/2.6 do_fork() error path memory leak mailing-list
RHSA-2004:260 vendor-advisory
SuSE-SA:2004:010 vendor-advisory
DSA-1070 vendor-advisory
oval:org.mitre.oval:def:10297 vdb
20162 third-party-advisory
MDKSA-2004:037 vendor-advisory
11891 third-party-advisory
11486 third-party-advisory
TLSA-2004-14 vendor-advisory

…and 17 more

Open in Interactive Console →