CVE-2004-1234

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.4.26 Debian GNU/Linux kernel-image-2.4.19-sun4u-smp versions Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs versions Debian GNU/Linux kernel-image-2.4.18-sun4u versions Debian GNU/Linux kernel-patch-benh versions Debian GNU/Linux kernel-image-2.4.18-sun4u-smp versions Debian GNU/Linux kernel-headers-2.4.19-sparc versions Debian GNU/Linux kernel-headers-2.4.18-sparc versions Debian GNU/Linux kernel-image-2.4.19-sun4u versions

Description The issue concerns multiple vulnerabilities in the Linux kernel and Debian GNU/Linux kernel packages. These vulnerabilities can be exploited remotely, potentially leading to a breach of confidentiality, integrity, and availability of protected information. A specific vulnerability in the load elf binary function in Linux before version 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary with a NULL interpreter.

Recommendations For Linux kernel versions prior to 2.4.26, update to version 2.4.26 or later to resolve the issue. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp, consider disabling the vulnerable components until a patch is available. For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs, restrict access to the vulnerable module to minimize the risk of exploitation. For Debian GNU/Linux kernel-image-2.4.18-sun4u, avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved. For Debian GNU/Linux kernel-patch-benh, kernel-image-2.4.18-sun4u-smp, kernel-headers-2.4.19-sparc, kernel-headers-2.4.18-sparc, and kernel-image-2.4.19-sun4u, at the moment, there is no information about a newer version that contains a fix for this vulnerability.