{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-04-02T00:00:00", "descriptions": [{"lang": "en", "value": "The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "oval:org.mitre.oval:def:10672", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672"}, {"name": "oval:org.mitre.oval:def:1117", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117"}, {"name": "19607", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19607"}, {"name": "RHSA-2005:472", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-472.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411"}, {"name": "[linux-kernel] 20040402 Re: disable-cap-mlock", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=108087017610947&w=2"}, {"name": "20060402-01-U", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"}, {"name": "13769", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/13769"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0491", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:10672", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672"}, {"name": "oval:org.mitre.oval:def:1117", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117"}, {"name": "19607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19607"}, {"name": "RHSA-2005:472", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-472.html"}, {"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411"}, {"name": "[linux-kernel] 20040402 Re: disable-cap-mlock", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=108087017610947&w=2"}, {"name": "20060402-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"}, {"name": "13769", "refsource": "BID", "url": "http://www.securityfocus.com/bid/13769"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:17:15.250Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:10672", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672"}, {"name": "oval:org.mitre.oval:def:1117", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117"}, {"name": "19607", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19607"}, {"name": "RHSA-2005:472", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-472.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411"}, {"name": "[linux-kernel] 20040402 Re: disable-cap-mlock", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=108087017610947&w=2"}, {"name": "20060402-01-U", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"}, {"name": "13769", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/13769"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0491", "datePublished": "2005-02-06T05:00:00", "dateReserved": "2004-05-27T00:00:00", "dateUpdated": "2024-08-08T00:17:15.250Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "40D8DAE0-8E75-435C-9BD6-FAEED2ACB47C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit."}], "id": "CVE-2004-0491", "lastModified": "2024-11-20T23:48:42.470", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=linux-kernel&m=108087017610947&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/19607"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-472.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/13769"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=linux-kernel&m=108087017610947&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19607"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-472.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/13769"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2005:472", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "kernel-0:2.4.21-32.0.1.EL", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2005-05-25T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1617210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617210"}, "csaw": false, "details": ["The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit."], "name": "CVE-2004-0491", "public_date": "2004-06-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2004-0491\nhttps://nvd.nist.gov/vuln/detail/CVE-2004-0491"], "threat_severity": "Moderate"}