漏洞信息详情
Linux Kernel USB驱动程序未初始化结构信息披露漏洞
- CNNVD编号:CNNVD-200412-094
- 危害等级: 中危
![图片[1]-Linux Kernel USB驱动程序未初始化结构信息披露漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-09-07/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2004-0685
- 漏洞类型:
其他
- 发布时间:
2004-12-23
- 威胁类型:
本地
- 更新时间:
2007-05-16
- 厂 商:
linux - 漏洞来源:
This vulnerability… -
漏洞简介
Linux 2.4内核的Certain USB驱动程序使用未初始化结构中的copy_to_user功能,本地用户利用该漏洞通过读取内存获取敏感信息,该内存在以前使用后不曾被删除。
漏洞公告
Please see the referenced advisories for information on obtaining and applying the appropriate updates.
Linux kernel 2.4.17
-
Debian kernel-headers-2.4.17_2.4.17-0.020226.2.woody3_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-headers-2.4.17_2.4.17-0.020226.2.woody3_mips.deb -
Debian kernel-headers-2.4.17_2.4.17-0.020226.2.woody3_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-headers-2.4.17_2.4.17-0.020226.2.woody3_mipsel.deb -
Debian kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody3_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody3_mipsel.deb -
Debian kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody3_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody3_mips.deb -
Debian kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody3_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody3_mipsel.deb -
Debian kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody3_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody3_mips.deb -
Debian kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody3_all.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody3_all.deb -
Debian kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody4_all.debArchitecture Independent.
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody4_all.deb -
Debian mips-tools_2.4.17-0.020226.2.woody3_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/mips-tools_2.4.17-0.020226.2.woody3_mipsel.deb -
Debian kernel-doc-2.4.17_2.4.17-1woody3_all.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/ke
rnel-doc-2.4.17_2.4.17-1woody3_all.deb -
Debian kernel-doc-2.4.17_2.4.17-1woody4_all.debDebian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/ke
rnel-doc-2.4.17_2.4.17-1woody4_all.deb -
Debian kernel-headers-2.4.17-apus_2.4.17-5_powerpc.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apu
s/kernel-headers-2.4.17-apus_2.4.17-5_powerpc.deb -
Debian kernel-headers-2.4.17-apus_2.4.17-6_powerpc.debDebian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apu
s/kernel-headers-2.4.17-apus_2.4.17-6_powerpc.deb -
Debian kernel-headers-2.4.17-hppa_32.4_hppa.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hpp
a/kernel-headers-2.4.17-hppa_32.4_hppa.deb -
Debian kernel-headers-2.4.17-hppa_32.5_hppa.debDebian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hpp
a/kernel-headers-2.4.17-hppa_32.5_hppa.deb -
Debian kernel-headers-2.4.17-ia64_011226.16_ia64.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia6
4/kernel-headers-2.4.17-ia64_011226.16_ia64.deb -
Debian kernel-headers-2.4.17-ia64_011226.17_ia64.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia6
4/kernel-headers-2.4.17-ia64_011226.17_ia64.deb -
Debian kernel-headers-2.4.17-ia64_011226.18_ia64.debDebian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia6
4/kernel-headers-2.4.17-ia64_011226.18_ia64.deb -
Debian kernel-headers-2.4.17_2.4.17-0.020226.2.woody1_mips.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-headers-2.4.17_2.4.17-0.020226.2.woody1_mips.deb -
Debian kernel-headers-2.4.17_2.4.17-0.020226.2.woody1_mipsel.debDebian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-headers-2.4.17_2.4.17-0.020226.2.woody1_mipsel.deb -
Debian kernel-headers-2.4.17_2.4.17-0.020226.2.woody4_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mip
s/kernel-headers-2.4.17_2.4.17-0.020226.2.woody4_mips.deb - D
参考网址
来源:US-CERT Vulnerability Note: VU#981134
名称: VU#981134
链接:http://www.kb.cert.org/vuls/id/981134
来源: XF
名称: linux-usb-gain-privileges(16931)
链接:http://xforce.iss.net/xforce/xfdb/16931
来源: BID
名称: 10892
链接:http://www.securityfocus.com/bid/10892
来源: GENTOO
名称: GLSA-200408-24
链接:http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml
来源: FEDORA
名称: FLSA:2336
链接:https://bugzilla.fedora.us/show_bug.cgi?id=2336
来源: TRUSTIX
名称: 2004-0041
链接:http://www.trustix.net/errata/2004/0041/
来源: www.securityspace.com
链接:http://www.securityspace.com/smysecure/catid.html?id=14580
来源: REDHAT
名称: RHSA-2004:505
链接:http://www.redhat.com/support/errata/RHSA-2004-505.html
来源: REDHAT
名称: RHSA-2004:504
链接:http://www.redhat.com/support/errata/RHSA-2004-504.html
来源: DEBIAN
名称: DSA-1082
链接:http://www.debian.org/security/2006/dsa-1082
来源: DEBIAN
名称: DSA-1070
链接:http://www.debian.org/security/2006/dsa-1070
来源: DEBIAN
名称: DSA-1069
链接:http://www.debian.org/security/2006/dsa-1069
来源: DEBIAN
名称: DSA-1067
链接:http://www.debian.org/security/2006/dsa-1067
来源: SECUNIA
名称: 20338
链接:http://secunia.com/advisories/20338
来源: SECUNIA
名称: 20202
链接:http://secunia.com/advisories/20202
来源: SECUNIA
名称: 20163
链接:http://secunia.com/advisories/20163
来源: SECUNIA
名称: 20162
链接:http://secunia.com/advisories/20162
来源: OVAL
名称: oval:org.mitre.oval:def:10665
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10665
来源: bugzilla.redhat.com
链接:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127921
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
