CVE-2004-0491 - Learned Living

Description

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process which allows local users to mlock more memory than specified by the rlimit.

Reference

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126411 http://www.redhat.com/support/errata/RHSA-2005-472.html http://www.securityfocus.com/bid/13769 ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U http://secunia.com/advisories/19607 http://marc.info/?l=linux-kernel&m=108087017610947&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10672