CVE-2004-0138

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.4.25 Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version Debian GNU/Linux kernel-image-2.4.18-sun4u version Debian GNU/Linux kernel-patch-benh version Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version Debian GNU/Linux kernel-headers-2.4.19-sparc version Debian GNU/Linux kernel-headers-2.4.18-sparc version Debian GNU/Linux kernel-image-2.4.19-sun4u version

Description The issue allows local users to cause a denial of service via a crafted ELF file with an interpreter with an invalid arch, which triggers a BUG when an invalid VMA is unmapped. Multiple vulnerabilities in Debian GNU/Linux kernel packages may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For Linux kernel versions prior to 2.4.25, update to version 2.4.25 or later to resolve the issue. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.18-sun4u, consider applying available security patches or updates. For Debian GNU/Linux kernel-patch-benh, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp, consider applying available security patches or updates. For Debian GNU/Linux kernel-headers-2.4.19-sparc, consider applying available security patches or updates. For Debian GNU/Linux kernel-headers-2.4.18-sparc, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.19-sun4u, consider applying available security patches or updates.