Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2004-0177

Date: April 15, 2004

The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.

Severity Score

Related Resources (27)

https://bugzilla.fedora.us/show_bug.cgi?id=2336
http://www.redhat.com/support/errata/RHSA-2004-505.html
http://www.debian.org/security/2004/dsa-480
http://www.debian.org/security/2004/dsa-481
http://rhn.redhat.com/errata/RHSA-2004-166.html
http://www.debian.org/security/2004/dsa-482
http://www.ciac.org/ciac/bulletins/o-126.shtml
http://www.securityfocus.com/bid/10152
http://www.ciac.org/ciac/bulletins/o-121.shtml
http://www.redhat.com/support/errata/RHSA-2004-504.html
http://www.mandriva.com/security/advisories?name=MDKSA-2004:029
https://exchange.xforce.ibmcloud.com/vulnerabilities/15867
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10556
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
http://www.redhat.com/support/errata/RHSA-2005-293.html
http://marc.info/?l=bugtraq&m=108213675028441&w=2
http://www.debian.org/security/2004/dsa-479
http://www.debian.org/security/2004/dsa-495
http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html
http://www.debian.org/security/2004/dsa-491
http://linux.bkbits.net:8080/linux-2.4/cset%404056b368s6vpJbGWxDD_LhQNYQrdzQ
http://security.gentoo.org/glsa/glsa-200407-02.xml
https://people.canonical.com/~ubuntu-security/cve/CVE-2004-0177
https://nvd.nist.gov/vuln/detail/CVE-2004-0177
http://www.ciac.org/ciac/bulletins/o-127.shtml
http://www.debian.org/security/2004/dsa-489
https://www.mend.io/vulnerability-database/CVE-2004-0177

Severity Score

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW
Additional information:

Do you need more information?

Contact Us