漏洞信息详情
Linux Kernel Vicam USB驱动用户空间/内核内存拷贝漏洞
- CNNVD编号:CNNVD-200403-075
- 危害等级: 低危
![图片[1]-Linux Kernel Vicam USB驱动用户空间/内核内存拷贝漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-17/fa6998ac850c38cb90c47a02e5a8652c.png)
- CVE编号:
CVE-2004-0075
- 漏洞类型:
设计错误
- 发布时间:
2004-02-18
- 威胁类型:
本地
- 更新时间:
2005-05-13
- 厂 商:
linux - 漏洞来源:
Red Hat advisory -
漏洞简介
Linux是一款开放源代码操作系统。
Linux内核Vicam USB驱动不安全访问用户空间内存,本地攻击者可以利用这个漏洞进行拒绝服务攻击,或提升权限。
Vicam USB驱动没有使用copy_from_user函数来访问用户空间,可能导致拒绝服务攻击,或提升权限。目前没有详细漏洞细节提供。
漏洞公告
厂商补丁:
Linux
—–
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Linux Upgrade linux-2.4.25.tar.bz2
http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.25.tar.bz2” target=”_blank”>
http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.25.tar.bz2
RedHat
——
RedHat已经为此发布了一个安全公告(RHSA-2004:065-01)以及相应补丁:
RHSA-2004:065-01:Updated kernel packages resolve security vulnerabilities
链接:https://www.redhat.com/support/errata/RHSA-2004-065.html” target=”_blank”>https://www.redhat.com/support/errata/RHSA-2004-065.html
补丁下载:
Red Hat Linux 9:
SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/kernel-2.4.20-30.9.src.rpm
athlon:
ftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-30.9.athlon.rpm
ftp://updates.redhat.com/9/en/os/athlon/kernel-smp-2.4.20-30.9.athlon.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-30.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-BOOT-2.4.20-30.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-doc-2.4.20-30.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-30.9.i386.rpm
i686:
ftp://updates.redhat.com/9/en/os/i686/kernel-2.4.20-30.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-30.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-smp-2.4.20-30.9.i686.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
S.u.S.E.
——–
S.u.S.E.已经为此发布了一个安全公告(SuSE-SA:2004:005)以及相应补丁:
SuSE-SA:2004:005:Linux Kernel
链接:
补丁下载:
SuSE Upgrade k_deflt-2.4.20-105.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-105.i586.rpm
Intel i386 Platform
SuSE Upgrade k_athlon-2.4.20-105.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-105.i586.rpm
Intel i386 Platform
SuSE Upgrade k_psmp-2.4.20-105.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-105.i586.rpm
Intel i386 Platform
SuSE Upgrade k_smp-2.4.20-105.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-105.i586.rpm
Intel i386 Platform
SuSE Upgrade k_deflt-2.4.21-192.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-192.i586.rpm
Intel i386 Platform
SuSE Upgrade k_smp-2.4.21-192.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-192.i586.rpm
Intel i386 Platform
SuSE Upgrade k_smp4G-2.4.21-192.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-192.i586.rpm
Intel i386 Platform
SuSE Upgrade k_um-2.4.21-192.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-192.i586.rpm
Intel i386 Platform
SuSE Upgrade k_athlon-2.4.21-192.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-192.i586.rpm
Intel i386 Platform
SuSE Upgrade k_deflt-2.4.21-189.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-189.i586.rpm
Intel i386 Platform/SuSE 8.1
SuSE Upgrade k_athlon-2.4.21-189.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-189.i586.rpm
Intel i386 Platform/SuSE 8.1
SuSE Upgrade k_psmp-2.4.21-189.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-189.i586.rpm
Intel i386 Platform/SuSE 8.1
SuSE Upgrade k_smp-2.4.21-189.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-189.i586.rpm
Intel i386 Platform/SuSE 8.1
SuSE Upgrade k_deflt-2.4.21-201.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-201.x86_64.rpm
x86_64/SuSE 9.0
SuSE Upgrade k_smp-2.4.21-201.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-201.x86_64.rpm
x86_64/SuSE 9.0
参考网址
来源: BID
名称: 9690
链接:http://www.securityfocus.com/bid/9690
来源: REDHAT
名称: RHSA-2004:065
链接:http://www.redhat.com/support/errata/RHSA-2004-065.html
来源: XF
名称: linux-vicam-dos(15246)
链接:http://xforce.iss.net/xforce/xfdb/15246
来源: REDHAT
名称: RHSA-2005:293
链接:http://www.redhat.com/support/errata/RHSA-2005-293.html
来源: SUSE
名称: SuSE-SA:2004:005
链接:http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html
来源: CIAC
名称: O-082
链接:http://www.ciac.org/ciac/bulletins/o-082.shtml
来源: MANDRAKE
名称: MDKSA-2004:015
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015
来源: CONECTIVA
名称: CLA-2004:846
链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
来源: US Government Resource: oval:org.mitre.oval:def:836
名称: oval:org.mitre.oval:def:836
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:836
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
