CVE-2003-0247

Name of the Vulnerable Software and Affected Versions Debian GNU/Linux (affected versions not specified) Red Hat Linux kernel-2.4.18 Red Hat Linux kernel-2.4.20 Red Hat Linux kernel-smp-2.4.20 Red Hat Linux kernel-iseries-2.4.18 Red Hat Linux kernel-source-2.4.18 Red Hat Linux kernel-source-2.4.20 Red Hat Linux kernel-doc-2.4.18 Red Hat Linux kernel-doc-2.4.20 Red Hat Linux kernel-BOOT-2.4.20 Red Hat Linux kernel-bigmem-2.4.20 Red Hat Linux kernel-pseries-2.4.18 Red Hat Linux pcmcia-modules-2.4.18-bf2.4 Red Hat Linux modutils-2.4.22 Red Hat Linux modutils-devel-2.4.22 Red Hat Linux iptables-1.2.5 Red Hat Linux iptables-ipv6-1.2.5 Red Hat Linux quota-3.06 Red Hat Linux cross-ppc64 Red Hat Linux mkcramfs (affected versions not specified)

Description The issue affects multiple packages in Red Hat Linux and Debian GNU/Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely or locally, depending on the package. The vulnerabilities may cause a denial of service or allow attackers to disrupt the system.

Recommendations For Red Hat Linux kernel-2.4.18, consider disabling vulnerable functions until a patch is available. For Red Hat Linux kernel-2.4.20, restrict access to vulnerable modules to minimize the risk of exploitation. For Red Hat Linux kernel-smp-2.4.20, kernel-iseries-2.4.18, kernel-source-2.4.18, kernel-source-2.4.20, kernel-doc-2.4.18, kernel-doc-2.4.20, kernel-BOOT-2.4.20, kernel-bigmem-2.4.20, and kernel-pseries-2.4.18, apply configuration changes to mitigate the risk. For Red Hat Linux pcmcia-modules-2.4.18-bf2.4, modutils-2.4.22, modutils-devel-2.4.22, iptables-1.2.5, iptables-ipv6-1.2.5, quota-3.06, and cross-ppc64, avoid using vulnerable parameters or variables in affected API endpoints until the issue is resolved. For Debian GNU/Linux and Red Hat Linux mkcramfs, at the moment, there is no information about a newer version that contains a fix for this vulnerability.