Linux 2.6 Kernel fb_copy_cmap() Memory Access Flaw Has Unspecified Impact
|
|
SecurityTracker Alert ID: 1009961
|
|
CVE Reference: CAN-2004-0229
(Links to External Site)
|
Date: Apr 27 2004
|
Impact: Not specified
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2.6 kernel
|
Description: A vulnerability was reported in the framebuffer driver in the Linux 2.6 kernel. The impact was not specified.
Several vendors reported that the fb_copy_cmap() function is not properly used and may directly access userspace memory.
|
Impact: The impace was not specified.
|
Solution: Individual vendors are issuing fixed versions for their respective distributions [See the Message History].
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause: State error
|
Underlying OS: Linux (Caldera/SCO), Linux (Conectiva), Linux (Debian), Linux (EnGarde), Linux (Gentoo), Linux (HP Secure OS), Linux (Immunix), Linux (Mandrake), Linux (Progeny Debian), Linux (Red Hat Enterprise), Linux (Red Hat Fedora), Linux (Red Hat Linux), Linux (SGI), Linux (Slackware), Linux (Sun), Linux (SuSE), Linux (Trustix), Linux (Turbo Linux), Linux (Xandros)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Tue, 27 Apr 2004 17:02:48 -0400
Subject: CAN-2004-0229
|
Several vendors reported a vulnerability in the framebuffer driver of the Linux kernel
version 2.6. The fb_copy_cmap() function is not properly used.
CVE: CAN-2004-0229
|
|
