CVE-2004-2731

Advisory lineage Upstream: 0 Downstream: 2

Downstream

DSA-1503-1 DSA-1503-2

Modified

Published: 09 Oct 2007, 10:00

Last modified:08 Aug 2024, 01:36

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

4.4 MEDIUM

v2.0 (nvd)

EPSS Score

0.14% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

2 found

Dark Web

Not detected

Timeline

09 Oct 2007, 10:00

Published

Vulnerability first disclosed

08 Aug 2024, 01:36

Last Modified

Vulnerability information updated

Description

Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.

CVSS Metrics

v2.0•MEDIUM•Score: 4.4AV:L/AC:M/Au:N/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 0.14%• Percentile: 34%

Techniques & Countermeasures

CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Affected Systems

linux•linux_kernel
2.4.0 | 2.4.0:test1 | 2.4.0:test10 | 2.4.0:test11 | 2.4.0:test12 | 2.4.0:test2 | 2.4.0:test3 | 2.4.0:test4 | 2.4.0:test5 | 2.4.0:test6 | 2.4.0:test7 | 2.4.0:test8 | 2.4.0:test9 | 2.4.1 | 2.4.2 | 2.4.3 | 2.4.3:pre3 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 | 2.4.9 | 2.4.9_pre5 | 2.4.10 | 2.4.11 | 2.4.11:pre3 | 2.4.12 | 2.4.13 | 2.4.14 | 2.4.15 | 2.4.16 | 2.4.17 | 2.4.18 | 2.4.18:pre1 | 2.4.18:pre2 | 2.4.18:pre3 | 2.4.18:pre4 | 2.4.18:pre5 | 2.4.18:pre6 | 2.4.18:pre7 | 2.4.18:pre8 | 2.4.18:pre9 | 2.4.19 | 2.4.19:pre1 | 2.4.19:pre2 | 2.4.19:pre3 | 2.4.19:pre4 | 2.4.19:pre5 | 2.4.19:pre6 | 2.4.20 | 2.4.21 | 2.4.21:pre1 | 2.4.21:pre4 | 2.4.21:pre7 | 2.4.22 | 2.4.22:pre10 | 2.4.23 | 2.4.23:pre9 | 2.4.23_ow2 | 2.4.24 | 2.4.24_ow1 | 2.4.25 | 2.4.26 | 2.4.27 | 2.4.27:pre1 | 2.4.27:pre2 | 2.4.27:pre3 | 2.4.27:pre4 | 2.4.27:pre5 | 2.4.28 | 2.4.29 | 2.4.29:rc1 | 2.4.29:rc2 | 2.4.30 | 2.4.30:rc2 | 2.4.30:rc3 | 2.4.31 | 2.4.31:pre1 | 2.4.32 | 2.4.32:pre1 | 2.4.32:pre2 | 2.4.33 | 2.4.33:pre1 | 2.4.33.2 | 2.4.33.3 | 2.4.33.4 | 2.4.33.5 | 2.4.34 | 2.4.34:rc3 | 2.4.34.1 | 2.4.34.2 | 2.4.35 | 2.4.35.2 | 2.6.0 | 2.6.1 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.7