CVE-2004-0075

Linux Kernel - Denial of Service

Title source: rule

Description

The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service.

References (9)

[Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846

[Various Sources] http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/o-082.shtml

[Patch, Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2004-065.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-293.html

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/9690

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15246

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A836

Scores

EPSS 0.0007

EPSS Percentile 22.2%

Classification

Status draft

Affected Products (50)

linux/linux_kernel

... and 35 more

Timeline

Published Mar 15, 2004

Tracked Since Feb 18, 2026