{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Linux 2.6.2 et versions ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Linux 2.4.24 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nIl a \u00e9t\u00e9 report\u00e9 qu'une nouvelle vuln\u00e9rabilit\u00e9 pr\u00e9sente dans l'appel\nsyst\u00e8me mremap du noyau Linux pourrait \u00eatre exploit\u00e9e par un utilisateur\nmal intentionn\u00e9 afin d'obtenir les privil\u00e8ges du super-utilisateur root\nou r\u00e9aliser un d\u00e9ni de service par arr\u00eat brutal du syst\u00e8me.\n\nCet appel syst\u00e8me ne n\u00e9cessitant pas de privil\u00e8ges particuliers,\nn'importe quel utilisateur peut tenter d'exploiter cette faille.\n\nBien que similaire \u00e0 la vuln\u00e9rabilit\u00e9 pr\u00e9sente dans l'avis\nCERTA-2004-AVI-002, il s'agit bien d'un nouveau probl\u00e8me de s\u00e9curit\u00e9.\n\n## Solution\n\nLes versions 2.4.25 et 2.6.3 du noyau Linux corrigent cette\nvuln\u00e9rabilit\u00e9.\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 SSA:2004-049-01 de Slackware :","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.541911"},{"title":"Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :","url":"http://www.debian.org/security/2004/dsa-441"},{"title":"Bulletin de s\u00e9curit\u00e9 GLSA 200403-02 de Gentoo :","url":"http://www.securityfocus.com/advisories/6428"},{"title":"Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :","url":"http://www.debian.org/security/2004/dsa-442"},{"title":"Bulletin de s\u00e9curit\u00e9 de VMware pour ESX Server 2.0 :","url":"http://www.vmware.com/download/esx/esx20-7483update.html"},{"title":"Bulletin de s\u00e9curit\u00e9 RHSA-2004:065 de Red Hat :","url":"http://rhn.redhat.com/errata/RHSA-2004-065.html"},{"title":"Sources du noyau Linux :","url":"http://www.kernel.org"},{"title":"Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :","url":"http://www.debian.org/security/2004/dsa-439"},{"title":"Bulletin de s\u00e9curit\u00e9 SmoothWall :","url":"http://www.smoothwall.org/security/advisories/SWP-2004.002.html"},{"title":"Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :","url":"http://www.debian.org/security/2004/dsa-440"},{"title":"Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :","url":"http://www.debian.org/security/2004/dsa-438"},{"title":"Bulletin de s\u00e9curit\u00e9 de VMware pour ESX Server 2.0.1 :","url":"http://www.vmware.com/download/esx/esx201-7427update.html"},{"title":"Bulletin de s\u00e9curit\u00e9 SuSE-SA:2004:005 de SuSE :","url":"http://www.suse.com/de/security/2004_05_linux_kernel.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de VMware pour ESX Server 1.5.2 :","url":"http://www.vmware.com/download/esx/esx152-7428update.html"},{"title":"Bulletins de s\u00e9curit\u00e9 DSA-438, DSA-439, DSA-440, DSA-441,    DSA-442, DSA-470 de Debian :","url":"http://www.debian.org/security/2004/dsa-470"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandrake MDKSA-2004:015 :","url":"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:015"}],"reference":"CERTA-2004-AVI-042","revisions":[{"description":"version initiale.","revision_date":"2004-02-18T00:00:00.000000"},{"description":"Ajout r\u00e9f\u00e9rences aux bulletins SuSE-SA:2004:005 et DSA-442.","revision_date":"2004-02-20T00:00:00.000000"},{"description":"Ajout r\u00e9f\u00e9rence au bulletin Mandrake MDKSA-2004:015.","revision_date":"2004-02-25T00:00:00.000000"},{"description":"Ajout r\u00e9f\u00e9rence au bulletin SmoothWall SWP-2004.002.","revision_date":"2004-02-27T00:00:00.000000"},{"description":"Ajout r\u00e9f\u00e9rences aux bulletins Debian DSA-470 et Gentoo GLSA 200403-02.","revision_date":"2004-04-05T00:00:00.000000"},{"description":"Ajout r\u00e9f\u00e9rences aux bulletins de VMware pour ESX Server.","revision_date":"2004-04-06T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 du noyau linux","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 isec-0014-mremap-unmap d'Isec","url":"http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt"}]}