CVE-2004-2607

A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2607
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.4.18-pre1	2.4.18-pre1.x
linux / linux_kernel	2.4.0-test1	2.4.0-test1.x
linux / linux_kernel	2.6.5	2.6.5.x
linux / linux_kernel	2.4.27-pre3	2.4.27-pre3.x
linux / linux_kernel	2.4.18-pre3	2.4.18-pre3.x
linux / linux_kernel	2.4.18-pre5	2.4.18-pre5.x
linux / linux_kernel	2.4.26	2.4.26.x
linux / linux_kernel	2.4.0-test6	2.4.0-test6.x
linux / linux_kernel	2.4.19-pre1	2.4.19-pre1.x
linux / linux_kernel	2.4.21-pre7	2.4.21-pre7.x
linux / linux_kernel	2.4.27-pre2	2.4.27-pre2.x
linux / linux_kernel	2.4.19-pre4	2.4.19-pre4.x
linux / linux_kernel	2.6.3	2.6.3.x
linux / linux_kernel	2.6.4	2.6.4.x
linux / linux_kernel	2.4.21-pre1	2.4.21-pre1.x
linux / linux_kernel	2.4.23_ow2	2.4.23_ow2.x
linux / linux_kernel	2.4.22-pre10	2.4.22-pre10.x
linux / linux_kernel	2.4.23	2.4.23.x
linux / linux_kernel	2.6.2	2.6.2.x
linux / linux_kernel	2.4.0-test3	2.4.0-test3.x
linux / linux_kernel	2.6.1-rc2	2.6.1-rc2.x
linux / linux_kernel	2.4.29-rc1	2.4.29-rc1.x
linux / linux_kernel	2.4.25	2.4.25.x
linux / linux_kernel	2.4.0-test8	2.4.0-test8.x
linux / linux_kernel	2.4.24	2.4.24.x
linux / linux_kernel	2.4.23-pre9	2.4.23-pre9.x
linux / linux_kernel	2.4.28	2.4.28.x
linux / linux_kernel	2.4.0-test7	2.4.0-test7.x
linux / linux_kernel	2.6.0	2.6.0.x
linux / linux_kernel	2.4.24_ow1	2.4.24_ow1.x
linux / linux_kernel	2.4.18-pre4	2.4.18-pre4.x
linux / linux_kernel	2.4.19-pre6	2.4.19-pre6.x
linux / linux_kernel	2.4.19-pre2	2.4.19-pre2.x
linux / linux_kernel	2.4.0-test12	2.4.0-test12.x
linux / linux_kernel	2.4.18-pre6	2.4.18-pre6.x
linux / linux_kernel	2.4.19-pre3	2.4.19-pre3.x
linux / linux_kernel	2.4.27-pre5	2.4.27-pre5.x
linux / linux_kernel	2.4.27-pre1	2.4.27-pre1.x
linux / linux_kernel	2.4.0-test2	2.4.0-test2.x
linux / linux_kernel	2.4.18	2.4.18.x
linux / linux_kernel	2.4.19-pre5	2.4.19-pre5.x
linux / linux_kernel	2.4.21-pre4	2.4.21-pre4.x
linux / linux_kernel	2.4.0-test5	2.4.0-test5.x
linux / linux_kernel	2.6.1-rc1	2.6.1-rc1.x
linux / linux_kernel	2.4.27-pre4	2.4.27-pre4.x
linux / linux_kernel	2.4.18-pre2	2.4.18-pre2.x
linux / linux_kernel	2.4.18-pre8	2.4.18-pre8.x
linux / linux_kernel	2.4.27	2.4.27.x
linux / linux_kernel	2.4.0-test11	2.4.0-test11.x
linux / linux_kernel	2.4.0-test4	2.4.0-test4.x
linux / linux_kernel	2.4.0-test10	2.4.0-test10.x
linux / linux_kernel	2.4.29	2.4.29.x
linux / linux_kernel	2.4.0-test9	2.4.0-test9.x
linux / linux_kernel	2.4.18-pre7	2.4.18-pre7.x

Vulnerability Database

289,599

CVE-2004-2607