64896 – (CVE-2005-0003) VUL-0: CVE-2005-0003: kernel: elf vm overlap denial of service also in 2.4 line

Bug 64896 (CVE-2005-0003) - VUL-0: CVE-2005-0003: kernel: elf vm overlap denial of service also in 2.4 line

Summary: VUL-0: CVE-2005-0003: kernel: elf vm overlap denial of service also in 2.4 line

Status:	RESOLVED FIXED

Alias:	CVE-2005-0003

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	All Linux

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Marcus Meissner
QA Contact:	Security Team bot

URL:
Whiteboard:	CVE-2005-0003: CVSS v2 Base Score: 2....
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-01-17 20:58 UTC by Marcus Meissner
Modified:	2021-10-27 11:50 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
vmoverlap-fix-2.4 (7.67 KB, patch) 2005-01-17 21:00 UTC, Marcus Meissner	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2005-01-17 20:58:11 UTC

From: Vincent Danen <vdanen@mandrakesoft.com>                                    
Subject: [vendor-sec] CAN-2005-0003                                              

I'm trying to clean up some stuff and I have a reference here to                 
CAN-2005-0003 being a CVE name for a kernel problem but trying to                
search for it in my vendorsec folder is coming up empty.

Comment 1 Marcus Meissner 2005-01-17 20:58:11 UTC

<!-- SBZ_reproduce  -->
n/a

Comment 2 Marcus Meissner 2005-01-17 20:59:09 UTC

We fixed that for 2.6 already, but not for 2.4. 
 
A patch was applied to the 2.4 line: 
 
http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw

Comment 3 Marcus Meissner 2005-01-17 21:00:10 UTC

Created attachment 27682 [details]
vmoverlap-fix-2.4

extract from BK

Comment 4 Marcus Meissner 2005-01-17 21:02:20 UTC

2.6 part is tracked in http://bugzilla.suse.de/show_bug.cgi?id=48493 
(already closed)

Comment 5 Hubert Mantel 2005-01-27 00:07:28 UTC

Ok, fixes have been committed to all trees. I did not yet check in the kernels,
as there surely are more to come...

Comment 6 Marcus Meissner 2005-03-16 09:45:34 UTC

tracking

Comment 7 Marcus Meissner 2005-03-24 17:21:25 UTC

updates and advisory released

Comment 8 Thomas Biege 2009-10-13 20:58:09 UTC

CVE-2005-0003: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)