CVE-2004-1983 — Vulnetix

Try Vulnetix Request Demo

CVE-2004-1983 PUBLISHED CVSS 2.0999999046325684 LOW

The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.

EPSS 0.21% · 43.4th percentile

Risk Scores

CVSS v2.0

2.0999999046325684

EPSS Score

0.21%

43.4th percentile

Affected Products

Vendor	Product	Versions
the_pax_team	pax_linux	2.6.5
n/a	n/a	n/a
gentoo	linux	1.4

Timeline

May 2, 2004 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

20040509 PaX DoS proof-of-concept mailing-list
pax-aslr-enabled-dos(16037) vdb
http://pax.grsecurity.net/ url
20040502 PaX Linux Kernel 2.6 Patches DoS Advisory mailing-list
GLSA-200407-02 vendor-advisory
10264 vdb
https://nvd.nist.gov/vuln/detail/CVE-2004-1983 advisory
http://pax.grsecurity.net url

Open in Interactive Console →