Vulnerability Details CVE-2003-0986
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.4%
CVSS Severity
CVSS v2 Score 1.7
References
- http://linux.bkbits.net:8080/linux-2.4/cset%403fdd54b3u9Eq0Wny2Nn1HGfI3pofOQ
- http://linux.bkbits.net:8080/linux-2.6/cset%403ffcf122S7e3xPZCpibrXq6KRRjwqw
- http://www.redhat.com/support/errata/RHSA-2004-017.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9707
- http://linux.bkbits.net:8080/linux-2.4/cset%403fdd54b3u9Eq0Wny2Nn1HGfI3pofOQ
- http://linux.bkbits.net:8080/linux-2.6/cset%403ffcf122S7e3xPZCpibrXq6KRRjwqw
- http://www.redhat.com/support/errata/RHSA-2004-017.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9707
Products affected by CVE-2003-0986
-
cpe:2.3:o:linux:linux_kernel:2.4.0
-
cpe:2.3:o:linux:linux_kernel:2.4.18
-
cpe:2.3:o:linux:linux_kernel:2.4.19
-
cpe:2.3:o:linux:linux_kernel:2.4.21
-
cpe:2.3:o:linux:linux_kernel:2.4.22
-
cpe:2.3:o:linux:linux_kernel:2.4.23
-
cpe:2.3:o:linux:linux_kernel:2.4.23_ow2
-
cpe:2.3:o:linux:linux_kernel:2.4.24
-
cpe:2.3:o:linux:linux_kernel:2.4.24_ow1
-
cpe:2.3:o:linux:linux_kernel:2.6.0
-
cpe:2.3:o:linux:linux_kernel:2.6.1
-
cpe:2.3:o:linux:linux_kernel:2.6.2
-
cpe:2.3:o:redhat:enterprise_linux:3.0