Zoltan Sogor

**Name of the Vulnerable Software and Affected Versions** Red Hat Enterprise Linux kernel versions 2.4.9 Red Hat Enterprise Linux kernel versions 2.4.18 Debian GNU/Linux linux-headers versions 2.6.24-etchnhalf.1-all-mips Debian GNU/Linux linux-headers versions 2.6.24-etchnhalf.1-r4k-ip22 Debian GNU/Linux linux-headers versions 2.6.24-etchnhalf.1-r5k-ip32 openSUSE kernel-rt debug-debugsource (affected versions not specified) openSUSE kernel-rt debug-debuginfo (affected versions not specified) Linux kernel versions prior to 2.6.25.15 **Description** The issue concerns multiple vulnerabilities in various Linux kernel packages across different operating systems, including Red Hat Enterprise Linux and Debian GNU/Linux. These vulnerabilities can lead to disruptions in confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. Specifically, functions like `real lookup` and ` lookup hash` in the Linux kernel's vfs implementation have issues that allow local users to cause a denial of service by attempting file creations within deleted directories. **Recommendations** For Red Hat Enterprise Linux kernel version 2.4.9, update to a version that includes the necessary security patches. For Red Hat Enterprise Linux kernel version 2.4.18, update to a version that includes the necessary security patches. For Debian GNU/Linux linux-headers version 2.6.24-etchnhalf.1-all-mips, update to a version that includes the necessary security patches. For Debian GNU/Linux linux-headers version 2.6.24-etchnhalf.1-r4k-ip22, update to a version that includes the necessary security patches. For Debian GNU/Linux linux-headers version 2.6.24-etchnhalf.1-r5k-ip32, update to a version that includes the necessary security patches. For openSUSE kernel-rt debug-debugsource and kernel-rt debug-debuginfo, update to versions that include the necessary security patches. For Linux kernel versions prior to 2.6.25.15, update to version 2.6.25.15 or later to resolve the issue. As a temporary workaround, consider restricting access to vulnerable kernel functions until a patch is available.