PT-2003-1099 · Linux · Linux Kernel
Wichert Akkerman · Published 2003-05-22 · Updated 2016-10-18 · CVE-2003-0961
CVSS v2.0: 10 (High)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Red Hat Linux kernel versions prior to 2.4.22
Red Hat Linux kernel-2.4.20 version
Red Hat Linux kernel-smp-2.4.20 version
Red Hat Linux kernel-doc-2.4.20 version
Red Hat Linux kernel-source-2.4.20 version
Red Hat Linux kernel-BOOT-2.4.20 version
Red Hat Linux kernel-bigmem-2.4.20 version
Description
The issue affects the Red Hat Linux kernel and could compromise the confidentiality, integrity, and availability of protected information. This can be exploited remotely. An integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
Recommendations
For Red Hat Linux kernel versions prior to 2.4.22, update to version 2.4.22 or later.
For Red Hat Linux kernel-2.4.20 version, consider disabling the brk system call until a patch is available.
For Red Hat Linux kernel-smp-2.4.20 version, restrict access to the kernel until a patch is available.
For Red Hat Linux kernel-doc-2.4.20 version, avoid using the kernel-doc package until the issue is resolved.
For Red Hat Linux kernel-source-2.4.20 version, consider disabling the kernel-source package until a patch is available.
For Red Hat Linux kernel-BOOT-2.4.20 version, restrict access to the kernel-BOOT package until a patch is available.
For Red Hat Linux kernel-bigmem-2.4.20 version, consider disabling the kernel-bigmem package until a patch is available.
Affected Products
Linux Kernel