// For flags

CVE-2003-0985

Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.

La llamada de sistema mremap (do_mremap) en Linux kernel 2.2, 2.4 y 2.6 y posiblemente otras versiones anteriores a 2.4.24, no realiza adecuadamente comprobaciones de límites, lo que permite a usuarios locales causar una denegación de servicio y posiblemente ganar privilegios causando que se reasigne una área de memoria virtual (WMA) para crea una WMA de longitud cero, vulnerabilidad distinta a CAN-2004-0077.

The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access. Updated version of the original release of this document.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2003-12-16 CVE Reserved
  • 2004-01-05 CVE Published
  • 2004-01-06 First Exploit
  • 2024-08-08 CVE Updated
  • 2025-04-06 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (51)
URL Tag Source
http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html Mailing List
http://isec.pl/vulnerabilities/isec-0013-mremap.txt X_refsource_misc
http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap X_refsource_confirm
http://marc.info/?l=bugtraq&m=107332782121916&w=2 Mailing List
http://marc.info/?l=bugtraq&m=107340358402129&w=2 Mailing List
http://marc.info/?l=bugtraq&m=107340814409017&w=2 Mailing List
http://marc.info/?l=bugtraq&m=107350348418373&w=2 Mailing List
http://marc.info/?l=bugtraq&m=107394143105081&w=2 Mailing List
http://secunia.com/advisories/10532 Third Party Advisory
http://secunia.com/advisories/20163 Third Party Advisory
http://secunia.com/advisories/20202 Third Party Advisory
http://secunia.com/advisories/20338 Third Party Advisory
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0 X_refsource_confirm
http://www.ciac.org/ciac/bulletins/o-045.shtml Government Resource
http://www.kb.cert.org/vuls/id/490620 Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24 X_refsource_confirm
http://www.osvdb.org/3315 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/14135 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867 Signature
URL Date SRC
https://www.exploit-db.com/exploits/141 2004-01-06
https://www.exploit-db.com/exploits/142 2004-01-07
https://www.exploit-db.com/exploits/145 2004-01-15
http://www.securityfocus.com/bid/9356 2024-08-08
URL Date SRC
http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html 2018-05-03
http://www.redhat.com/support/errata/RHSA-2003-417.html 2018-05-03
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U 2018-05-03
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799 2018-05-03
http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01 2018-05-03
http://marc.info/?l=bugtraq&m=107332754521495&w=2 2018-05-03
http://www.debian.org/security/2004/dsa-413 2018-05-03
http://www.debian.org/security/2004/dsa-417 2018-05-03
http://www.debian.org/security/2004/dsa-423 2018-05-03
http://www.debian.org/security/2004/dsa-427 2018-05-03
http://www.debian.org/security/2004/dsa-439 2018-05-03
http://www.debian.org/security/2004/dsa-440 2018-05-03
http://www.debian.org/security/2004/dsa-442 2018-05-03
http://www.debian.org/security/2004/dsa-450 2018-05-03
http://www.debian.org/security/2004/dsa-470 2018-05-03
http://www.debian.org/security/2004/dsa-475 2018-05-03
http://www.debian.org/security/2006/dsa-1067 2018-05-03
http://www.debian.org/security/2006/dsa-1069 2018-05-03
http://www.debian.org/security/2006/dsa-1070 2018-05-03
http://www.debian.org/security/2006/dsa-1082 2018-05-03
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001 2018-05-03
http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html 2018-05-03
http://www.redhat.com/support/errata/RHSA-2003-416.html 2018-05-03
http://www.redhat.com/support/errata/RHSA-2003-418.html 2018-05-03
http://www.redhat.com/support/errata/RHSA-2003-419.html 2018-05-03
https://access.redhat.com/security/cve/CVE-2003-0985 2004-01-05
https://bugzilla.redhat.com/show_bug.cgi?id=1617115 2004-01-05
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test1
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test10
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test11
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test12
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test2
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test3
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test4
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test5
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test6
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test7
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test8
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.0
Search vendor "Linux" for product "Linux Kernel" and version "2.4.0"
test9
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.1
Search vendor "Linux" for product "Linux Kernel" and version "2.4.1"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.2
Search vendor "Linux" for product "Linux Kernel" and version "2.4.2"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.3
Search vendor "Linux" for product "Linux Kernel" and version "2.4.3"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.4
Search vendor "Linux" for product "Linux Kernel" and version "2.4.4"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.5
Search vendor "Linux" for product "Linux Kernel" and version "2.4.5"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.6
Search vendor "Linux" for product "Linux Kernel" and version "2.4.6"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.7
Search vendor "Linux" for product "Linux Kernel" and version "2.4.7"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.8
Search vendor "Linux" for product "Linux Kernel" and version "2.4.8"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.9
Search vendor "Linux" for product "Linux Kernel" and version "2.4.9"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.10
Search vendor "Linux" for product "Linux Kernel" and version "2.4.10"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.11
Search vendor "Linux" for product "Linux Kernel" and version "2.4.11"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.12
Search vendor "Linux" for product "Linux Kernel" and version "2.4.12"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.13
Search vendor "Linux" for product "Linux Kernel" and version "2.4.13"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.14
Search vendor "Linux" for product "Linux Kernel" and version "2.4.14"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.15
Search vendor "Linux" for product "Linux Kernel" and version "2.4.15"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.16
Search vendor "Linux" for product "Linux Kernel" and version "2.4.16"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.17
Search vendor "Linux" for product "Linux Kernel" and version "2.4.17"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
x86
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre1
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre2
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre3
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre4
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre5
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre6
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre7
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.18
Search vendor "Linux" for product "Linux Kernel" and version "2.4.18"
pre8
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
pre1
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
pre2
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
pre3
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
pre4
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
pre5
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.19
Search vendor "Linux" for product "Linux Kernel" and version "2.4.19"
pre6
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.20
Search vendor "Linux" for product "Linux Kernel" and version "2.4.20"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.21
Search vendor "Linux" for product "Linux Kernel" and version "2.4.21"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.21
Search vendor "Linux" for product "Linux Kernel" and version "2.4.21"
pre1
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.21
Search vendor "Linux" for product "Linux Kernel" and version "2.4.21"
pre4
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.21
Search vendor "Linux" for product "Linux Kernel" and version "2.4.21"
pre7
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.22
Search vendor "Linux" for product "Linux Kernel" and version "2.4.22"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 2.4.23
Search vendor "Linux" for product "Linux Kernel" and version "2.4.23"
-
Affected