PT-2002-1040 · Red Hat · Modutils-Devel+14

Published: 2002-12-31 · Updated: 2008-09-05 · CVE-2002-1573

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Red Hat Linux kernel versions 2.4.9 through 2.4.18
Red Hat Linux kernel-smp versions 2.4.9 through 2.4.18
Red Hat Linux kernel-source versions 2.4.9 through 2.4.18
Red Hat Linux kernel-BOOT versions 2.4.9 through 2.4.18
Red Hat Linux kernel-debug version 2.4.18
Red Hat Linux kernel-bigmem version 2.4.18
Red Hat Linux modutils version 2.4.18
Red Hat Linux modutils-devel version 2.4.18
Red Hat Linux kernel-doc versions 2.4.9 through 2.4.18
Red Hat Linux kernel-utils version 2.4
Red Hat Linux dev version 3.3
Red Hat Linux iptables version 1.2.5
Red Hat Linux iptables-ipv6 version 1.2.5
Red Hat Linux krb5-libs version 1.2.2

Description

The issue affects multiple packages in Red Hat Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be local or remote, depending on the package. The vulnerability in the pcilynx ieee1394 firewire driver has an unknown impact and attack vector, related to "wrap handling."

Recommendations

For kernel versions 2.4.9 through 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-smp versions 2.4.9 through 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-source versions 2.4.9 through 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-BOOT versions 2.4.9 through 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-debug version 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-bigmem version 2.4.18, consider updating to a newer version to mitigate the risk.
For modutils version 2.4.18, consider updating to a newer version to mitigate the risk.
For modutils-devel version 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-doc versions 2.4.9 through 2.4.18, consider updating to a newer version to mitigate the risk.
For kernel-utils version 2.4, consider updating to a newer version to mitigate the risk.
For dev version 3.3, consider updating to a newer version to mitigate the risk.
For iptables version 1.2.5, consider updating to a newer version to mitigate the risk.
For iptables-ipv6 version 1.2.5, consider updating to a newer version to mitigate the risk.
For krb5-libs version 1.2.2, consider updating to a newer version to mitigate the risk.

As a temporary workaround, consider disabling the vulnerable functions until a patch is available. Restrict access to the vulnerable modules to minimize the risk of exploitation. Avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved.

Fix

Related Identifiers

BDU:2015-07929
BDU:2015-07930
BDU:2015-07931
BDU:2015-07934
BDU:2015-07935
BDU:2015-07938
BDU:2015-07939
BDU:2015-07942
BDU:2015-07953
BDU:2015-07956
BDU:2015-07959
BDU:2015-07961
BDU:2015-07963
BDU:2015-08109
BDU:2015-08113
BDU:2015-08117
BDU:2015-08127
BDU:2015-08130
BDU:2015-08140
CVE-2002-1573

Affected Products

Linux
Dev
Iptables
Iptables-Ipv6
Kernel
Kernel-Boot
Kernel-Bigmem
Kernel-Debug
Kernel-Doc
Kernel-Smp
Kernel-Source
Kernel-Utils
Krb5-Libs
Modutils
Modutils-Devel