CVE-2004-2731 — Vulnetix

Try Vulnetix Request Demo

CVE-2004-2731 PUBLISHED CVSS 4.400000095367432 MEDIUM

Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.

EPSS 0.14% · 33.3th percentile

Risk Scores

CVSS v2.0

4.400000095367432

EPSS Score

0.14%

33.3th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
linux	linux_kernel	2.4.0, 2.4.0, 2.4.0

Timeline

Dec 31, 2004 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Apr 29, 2022 CVE Updated
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

11981 third-party-advisory
7345 vdb
1010617 vdb
8363 vdb
20040629 linux kernel Sbus PROM driver multiple integer overflows mailing-list
DSA-1503 vendor-advisory
29058 third-party-advisory
http://www.securiteam.com/unixfocus/5GP0515DFW.html url
10632 vdb
https://nvd.nist.gov/vuln/detail/CVE-2004-2731 advisory

Open in Interactive Console →