Vulnerability Details : CVE-2004-0491
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.
Exploit prediction scoring system (EPSS) score for CVE-2004-0491
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2004-0491
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST |
References for CVE-2004-0491
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117
-
http://marc.info/?l=linux-kernel&m=108087017610947&w=2
- http://www.redhat.com/support/errata/RHSA-2005-472.html
- ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
-
http://www.securityfocus.com/bid/13769
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672
Products affected by CVE-2004-0491
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*