CVE-2004-0997

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.4.17 Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version Debian GNU/Linux kernel-image-2.4.18-sun4u version Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version Debian GNU/Linux kernel-image-2.4.19-sun4u version Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version Debian GNU/Linux kernel-headers-2.4.18-sparc version Debian GNU/Linux kernel-headers-2.4.19-sparc version Debian GNU/Linux kernel-patch-benh version

Description The issue involves multiple vulnerabilities in the Linux kernel and Debian GNU/Linux packages, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities in the Linux kernel's ptrace MIPS assembly code allow local users to gain privileges via unknown vectors.

Recommendations For Linux kernel version prior to 2.4.17, update to version 2.4.17 or later. For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs, consider disabling the package until a patch is available. For Debian GNU/Linux kernel-image-2.4.18-sun4u, restrict access to the kernel until a patch is available. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp, avoid using the vulnerable kernel until a patch is available. For Debian GNU/Linux kernel-image-2.4.19-sun4u, consider disabling the kernel until a patch is available. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp, restrict access to the kernel until a patch is available. For Debian GNU/Linux kernel-headers-2.4.18-sparc, avoid using the vulnerable headers until a patch is available. For Debian GNU/Linux kernel-headers-2.4.19-sparc, consider disabling the headers until a patch is available. For Debian GNU/Linux kernel-patch-benh, restrict access to the patch until a patch is available.