Improper mlock Page Count Maintenance Vulnerability in Red Hat Enterprise Linux 3

Improper mlock Page Count Maintenance Vulnerability in Red Hat Enterprise Linux 3

CVE-2004-0491 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.