CVE-2004-0535
Last modified
CVE-2004-0535 is a vulnerability of currently unknown severity. The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.. EPSS estimates a 0.47% chance of exploitation in the next 30 days.
Description
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Mandrakesoft | Mandrake Multi Network Firewall | 8.2 | — |
| Suse | Suse Email Server | 3.1 | — |
| Suse | Suse Email Server | iii | — |
| Suse | Suse Linux Admin-Cd For Firewall | All versions | — |
| Suse | Suse Linux Connectivity Server | All versions | — |
| Suse | Suse Linux Database Server | All versions | — |
| Suse | Suse Linux Firewall Cd | All versions | — |
| Suse | Suse Linux Firewall Live-Cd | All versions | — |
| Suse | Suse Linux Office Server | All versions | — |
| Suse | Suse Office Server | All versions | — |
| Conectiva | Linux | 8.0 | — |
| Conectiva | Linux | 9.0 | — |
| Engardelinux | Secure Community | 2.0 | — |
| Engardelinux | Secure Linux | 1.5 | — |
| Gentoo | Linux | 1.4 | — |
| Linux | Linux Kernel | 2.4.0 | — |
| Linux | Linux Kernel | 2.4.1 | — |
| Linux | Linux Kernel | 2.4.2 | — |
| Linux | Linux Kernel | 2.4.3 | — |
| Linux | Linux Kernel | 2.4.4 | — |
| Linux | Linux Kernel | 2.4.5 | — |
| Linux | Linux Kernel | 2.4.6 | — |
| Linux | Linux Kernel | 2.4.7 | — |
| Linux | Linux Kernel | 2.4.8 | — |
| Linux | Linux Kernel | 2.4.9 | — |
| Linux | Linux Kernel | 2.4.10 | — |
| Linux | Linux Kernel | 2.4.11 | — |
| Linux | Linux Kernel | 2.4.12 | — |
| Linux | Linux Kernel | 2.4.13 | — |
| Linux | Linux Kernel | 2.4.14 | — |
| Linux | Linux Kernel | 2.4.15 | — |
| Linux | Linux Kernel | 2.4.16 | — |
| Linux | Linux Kernel | 2.4.17 | — |
| Linux | Linux Kernel | 2.4.18 | — |
| Linux | Linux Kernel | 2.4.19 | — |
| Linux | Linux Kernel | 2.4.20 | — |
| Linux | Linux Kernel | 2.4.21 | — |
| Linux | Linux Kernel | 2.4.22 | — |
| Linux | Linux Kernel | 2.4.23 | — |
| Linux | Linux Kernel | 2.4.23_ow2 | — |
| Linux | Linux Kernel | 2.4.24 | — |
| Linux | Linux Kernel | 2.4.24_ow1 | — |
| Linux | Linux Kernel | 2.4.25 | — |
| Linux | Linux Kernel | 2.4.26 | — |
| Linux | Linux Kernel | 2.4.27 | Pre1 |
| Mandrakesoft | Mandrake Linux | 9.1 | — |
| Mandrakesoft | Mandrake Linux | 9.2 | — |
| Mandrakesoft | Mandrake Linux | 10.0 | — |
| Mandrakesoft | Mandrake Linux Corporate Server | 2.1 | — |
| Suse | Suse Linux | 7 | — |
Showing 50 of 56 affected configurations. See NVD for the full list.
References
- http://security.gentoo.org/glsa/glsa-200407-02.xmlVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-413.htmlPatch, Vendor Advisory
- http://www.securityfocus.com/bid/10352Patch, Vendor Advisory
- http://security.gentoo.org/glsa/glsa-200407-02.xmlVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2004-413.htmlPatch, Vendor Advisory
- http://www.securityfocus.com/bid/10352Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-0535?
How severe is CVE-2004-0535?
How do I fix CVE-2004-0535?
Are you affected by CVE-2004-0535?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST