PT-2002-3141 · Linux+3 · Kernel-Smp+20
Andrzej Szombierski
·
Publicado
1970-01-01
·
Atualizado
2018-05-03
·
CVE-2003-0127
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
pcmcia-modules-2.4.18-bf2.4 version 2.4.18-bf2.4
kernel-2.2.24 version 2.2.24
kernel-2.4.20 version 2.4.20
kernel-source-2.4.20 version 2.4.20
kernel-smp-2.4.20 version 2.4.20
kernel-iseries-2.4.18 version 2.4.18
mkcramfs (affected versions not specified)
kernel-patch-2.4.16-arm (affected versions not specified)
kernel-image-2.4.16-riscpc (affected versions not specified)
kernel-headers-2.4.16 (affected versions not specified)
kernel-2.4.9 version 2.4.9
kernel-2.2.x versions prior to 2.2.25
kernel-2.4.x versions prior to 2.4.21
krb5-libs-1.2.2 version 1.2.2
kernel-doc-2.4.18 version 2.4.18
kernel-doc-2.4.9 version 2.4.9
kernel-bigmem-2.4.18 version 2.4.18
kernel-bigmem-2.4.20 version 2.4.20
kernel-doc-2.4.16 (affected versions not specified)
kernel-source-2.4.16 (affected versions not specified)
modutils-devel-2.4.22 version 2.4.22
modutils-2.4.22 version 2.4.22
kernel-pcmcia-cs-2.2.24 version 2.2.24
kernel-smp-2.4.18 version 2.4.18
kernel-headers-2.2.24 version 2.2.24
kernel-2.4.18 version 2.4.18
kernel-BOOT-2.4.18 version 2.4.18
kernel-source-2.2.24 version 2.2.24
kernel-doc-2.4.20 version 2.4.20
kernel-smp-2.4.9 version 2.4.9
kernel-image-2.4.16-lart (affected versions not specified)
kernel-BOOT-2.2.24 version 2.2.24
kernel-BOOT-2.4.20 version 2.4.20
kernel-image-2.4.16-netwinder (affected versions not specified)
kernel-pseries-2.4.18 version 2.4.18
iptables-1.2.5 version 1.2.5
iptables-ipv6-1.2.5 version 1.2.5
cross-ppc64 (affected versions not specified)
kernel-debug-2.4.18 version 2.4.18
Description
The issue involves multiple vulnerabilities in various Linux kernel packages and related components. These vulnerabilities can be exploited to compromise the confidentiality, integrity, and availability of protected information. Exploitation can occur both locally and remotely, depending on the specific vulnerability and package affected. The kernel module loader in Linux kernel versions prior to 2.2.25 and 2.4.21 is also vulnerable, allowing local users to gain root privileges.
Recommendations
For kernel-2.2.x versions prior to 2.2.25, update to version 2.2.25 or later.
For kernel-2.4.x versions prior to 2.4.21, update to version 2.4.21 or later.
For pcmcia-modules-2.4.18-bf2.4, kernel-2.2.24, kernel-2.4.20, kernel-source-2.4.20, kernel-smp-2.4.20, kernel-iseries-2.4.18, kernel-2.4.9, krb5-libs-1.2.2, kernel-doc-2.4.18, kernel-doc-2.4.9, kernel-bigmem-2.4.18, kernel-bigmem-2.4.20, modutils-devel-2.4.22, modutils-2.4.22, kernel-pcmcia-cs-2.2.24, kernel-smp-2.4.18, kernel-headers-2.2.24, kernel-2.4.18, kernel-BOOT-2.4.18, kernel-source-2.2.24, kernel-doc-2.4.20, kernel-smp-2.4.9, kernel-BOOT-2.2.24, kernel-BOOT-2.4.20, kernel-pseries-2.4.18, iptables-1.2.5, iptables-ipv6-1.2.5, and kernel-debug-2.4.18, update to the latest available version.
For mkcramfs, kernel-patch-2.4.16-arm, kernel-image-2.4.16-riscpc, kernel-headers-2.4.16, kernel-source-2.4.16, kernel-doc-2.4.16, kernel-image-2.4.16-lart, kernel-image-2.4.16-netwinder, and cross-ppc64, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Linux Kernel
Cross-Ppc64
Iptables
Iptables-Ipv6
Kernel
Kernel-Boot
Kernel-Bigmem
Kernel-Debug
Kernel-Doc
Kernel-Headers
Kernel-Image
Kernel-Iseries
Kernel-Patch
Kernel-Pcmcia-Cs
Kernel-Pseries
Kernel-Smp
Kernel-Source
Krb5-Libs
Mkcramfs
Modutils
Pcmcia-Modules