CVE-2004-0427

Linux <2.4.26-2.6.6 - DoS

Title source: llm

Description

The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.

References (34)

[Broken Link] http://secunia.com/advisories/11464

[Broken Link, Patch, Vendor Advisory] ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc

[Broken Link, Patch, Vendor Advisory] ftp://patches.sgi.com/support/free/security/advisories/20040505-01-U.asc

[Broken Link] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846

[Third Party Advisory] http://fedoranews.org/updates/FEDORA-2004-111.shtml

[Broken Link] http://linux.bkbits.net:8080/linux-2.4/cset%40407bf20eDeeejm8t36_tpvSE-8EFHA

[Broken Link] http://linux.bkbits.net:8080/linux-2.6/cset%40407b1217x4jtqEkpFW2g_-RcF0726A

[Mailing List, Third Party Advisory] http://marc.info/?l=linux-kernel&m=108139073506983&w=2

[Broken Link] http://secunia.com/advisories/11429

[Broken Link] http://secunia.com/advisories/11486

[Broken Link] http://secunia.com/advisories/11541

[Broken Link] http://secunia.com/advisories/11861

[Broken Link] http://secunia.com/advisories/11891

[Broken Link] http://secunia.com/advisories/11892

[Broken Link] http://secunia.com/advisories/20162

[Broken Link] http://secunia.com/advisories/20163

[Broken Link] http://secunia.com/advisories/20202

[Third Party Advisory] http://secunia.com/advisories/20338

[Broken Link] http://security.gentoo.org/glsa/glsa-200407-02.xml

[Broken Link] http://www.ciac.org/ciac/bulletins/o-164.shtml

... and 14 more

Scores

EPSS 0.0016

EPSS Percentile 37.2%

Classification

CWE

CWE-401

Status draft

Affected Products (1)

linux/linux_kernel < 2.4.26

Timeline

Published Jul 07, 2004

Tracked Since Feb 18, 2026