Andrzej Szombierski

**Name of the Vulnerable Software and Affected Versions** pcmcia-modules-2.4.18-bf2.4 version 2.4.18-bf2.4 kernel-2.2.24 version 2.2.24 kernel-2.4.20 version 2.4.20 kernel-source-2.4.20 version 2.4.20 kernel-smp-2.4.20 version 2.4.20 kernel-iseries-2.4.18 version 2.4.18 mkcramfs (affected versions not specified) kernel-patch-2.4.16-arm (affected versions not specified) kernel-image-2.4.16-riscpc (affected versions not specified) kernel-headers-2.4.16 (affected versions not specified) kernel-2.4.9 version 2.4.9 kernel-2.2.x versions prior to 2.2.25 kernel-2.4.x versions prior to 2.4.21 krb5-libs-1.2.2 version 1.2.2 kernel-doc-2.4.18 version 2.4.18 kernel-doc-2.4.9 version 2.4.9 kernel-bigmem-2.4.18 version 2.4.18 kernel-bigmem-2.4.20 version 2.4.20 kernel-doc-2.4.16 (affected versions not specified) kernel-source-2.4.16 (affected versions not specified) modutils-devel-2.4.22 version 2.4.22 modutils-2.4.22 version 2.4.22 kernel-pcmcia-cs-2.2.24 version 2.2.24 kernel-smp-2.4.18 version 2.4.18 kernel-headers-2.2.24 version 2.2.24 kernel-2.4.18 version 2.4.18 kernel-BOOT-2.4.18 version 2.4.18 kernel-source-2.2.24 version 2.2.24 kernel-doc-2.4.20 version 2.4.20 kernel-smp-2.4.9 version 2.4.9 kernel-image-2.4.16-lart (affected versions not specified) kernel-BOOT-2.2.24 version 2.2.24 kernel-BOOT-2.4.20 version 2.4.20 kernel-image-2.4.16-netwinder (affected versions not specified) kernel-pseries-2.4.18 version 2.4.18 iptables-1.2.5 version 1.2.5 iptables-ipv6-1.2.5 version 1.2.5 cross-ppc64 (affected versions not specified) kernel-debug-2.4.18 version 2.4.18 **Description** The issue involves multiple vulnerabilities in various Linux kernel packages and related components. These vulnerabilities can be exploited to compromise the confidentiality, integrity, and availability of protected information. Exploitation can occur both locally and remotely, depending on the specific vulnerability and package affected. The kernel module loader in Linux kernel versions prior to 2.2.25 and 2.4.21 is also vulnerable, allowing local users to gain root privileges. **Recommendations** For kernel-2.2.x versions prior to 2.2.25, update to version 2.2.25 or later. For kernel-2.4.x versions prior to 2.4.21, update to version 2.4.21 or later. For pcmcia-modules-2.4.18-bf2.4, kernel-2.2.24, kernel-2.4.20, kernel-source-2.4.20, kernel-smp-2.4.20, kernel-iseries-2.4.18, kernel-2.4.9, krb5-libs-1.2.2, kernel-doc-2.4.18, kernel-doc-2.4.9, kernel-bigmem-2.4.18, kernel-bigmem-2.4.20, modutils-devel-2.4.22, modutils-2.4.22, kernel-pcmcia-cs-2.2.24, kernel-smp-2.4.18, kernel-headers-2.2.24, kernel-2.4.18, kernel-BOOT-2.4.18, kernel-source-2.2.24, kernel-doc-2.4.20, kernel-smp-2.4.9, kernel-BOOT-2.2.24, kernel-BOOT-2.4.20, kernel-pseries-2.4.18, iptables-1.2.5, iptables-ipv6-1.2.5, and kernel-debug-2.4.18, update to the latest available version. For mkcramfs, kernel-patch-2.4.16-arm, kernel-image-2.4.16-riscpc, kernel-headers-2.4.16, kernel-source-2.4.16, kernel-doc-2.4.16, kernel-image-2.4.16-lart, kernel-image-2.4.16-netwinder, and cross-ppc64, at the moment, there is no information about a newer version that contains a fix for this vulnerability.