CVE-2004-1016

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.4.x up to 2.4.28 Linux kernel versions 2.6.x up to 2.6.9 kernel-image-2.4.19-sun4u-smp kernel-image-2.4.18-powerpc-xfs kernel-image-2.4.18-sun4u kernel-patch-benh kernel-image-2.4.18-sun4u-smp kernel-headers-2.4.19-sparc kernel-headers-2.4.18-sparc kernel-image-2.4.19-sun4u

Description The issue affects the Linux kernel and various Debian GNU/Linux packages, potentially leading to disruptions in confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. A specific function, scm send, in the scm layer of the Linux kernel, allows local users to cause a denial of service (system hang) via crafted auxiliary messages passed to the sendmsg function, resulting in a deadlock condition.

Recommendations For Linux kernel versions 2.4.x up to 2.4.28 and 2.6.x up to 2.6.9, consider updating to a newer version to mitigate the risk. For kernel-image-2.4.19-sun4u-smp, kernel-image-2.4.18-powerpc-xfs, kernel-image-2.4.18-sun4u, kernel-patch-benh, kernel-image-2.4.18-sun4u-smp, kernel-headers-2.4.19-sparc, kernel-headers-2.4.18-sparc, and kernel-image-2.4.19-sun4u, at the moment, there is no information about a newer version that contains a fix for this vulnerability.