CVE-2004-0685
Last modified
CVE-2004-0685 is a vulnerability of currently unknown severity. Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.. EPSS estimates a 0.48% chance of exploitation in the next 30 days.
Description
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Linux | Linux Kernel | 2.2.0 | — |
| Linux | Linux Kernel | 2.2.1 | — |
| Linux | Linux Kernel | 2.2.2 | — |
| Linux | Linux Kernel | 2.2.3 | — |
| Linux | Linux Kernel | 2.2.4 | — |
| Linux | Linux Kernel | 2.2.5 | — |
| Linux | Linux Kernel | 2.2.6 | — |
| Linux | Linux Kernel | 2.2.7 | — |
| Linux | Linux Kernel | 2.2.8 | — |
| Linux | Linux Kernel | 2.2.9 | — |
| Linux | Linux Kernel | 2.2.10 | — |
| Linux | Linux Kernel | 2.2.11 | — |
| Linux | Linux Kernel | 2.2.12 | — |
| Linux | Linux Kernel | 2.2.13 | — |
| Linux | Linux Kernel | 2.2.14 | — |
| Linux | Linux Kernel | 2.2.15 | — |
| Linux | Linux Kernel | 2.2.15_pre20 | — |
| Linux | Linux Kernel | 2.2.16 | — |
| Linux | Linux Kernel | 2.2.17 | — |
| Linux | Linux Kernel | 2.2.18 | — |
| Linux | Linux Kernel | 2.2.19 | — |
| Linux | Linux Kernel | 2.2.20 | — |
| Linux | Linux Kernel | 2.2.21 | — |
| Linux | Linux Kernel | 2.2.22 | — |
| Linux | Linux Kernel | 2.2.23 | — |
| Linux | Linux Kernel | 2.2.24 | — |
| Linux | Linux Kernel | 2.2.25 | — |
| Linux | Linux Kernel | 2.3.0 | — |
| Linux | Linux Kernel | 2.3.99 | — |
| Linux | Linux Kernel | 2.4.0 | — |
| Linux | Linux Kernel | 2.4.1 | — |
| Linux | Linux Kernel | 2.4.2 | — |
| Linux | Linux Kernel | 2.4.3 | — |
| Linux | Linux Kernel | 2.4.4 | — |
| Linux | Linux Kernel | 2.4.5 | — |
| Linux | Linux Kernel | 2.4.6 | — |
| Linux | Linux Kernel | 2.4.7 | — |
| Linux | Linux Kernel | 2.4.8 | — |
| Linux | Linux Kernel | 2.4.9 | — |
| Linux | Linux Kernel | 2.4.10 | — |
| Linux | Linux Kernel | 2.4.11 | — |
| Linux | Linux Kernel | 2.4.12 | — |
| Linux | Linux Kernel | 2.4.13 | — |
| Linux | Linux Kernel | 2.4.14 | — |
| Linux | Linux Kernel | 2.4.15 | — |
| Linux | Linux Kernel | 2.4.16 | — |
| Linux | Linux Kernel | 2.4.17 | — |
| Linux | Linux Kernel | 2.4.18 | — |
| Linux | Linux Kernel | 2.4.19 | — |
| Linux | Linux Kernel | 2.4.20 | — |
Showing 50 of 143 affected configurations. See NVD for the full list.
References
- http://www.gentoo.org/security/en/glsa/glsa-200408-24.xmlPatch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/981134Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/10892Patch, Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200408-24.xmlPatch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/981134Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/10892Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-0685?
How severe is CVE-2004-0685?
How do I fix CVE-2004-0685?
Are you affected by CVE-2004-0685?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST