CVE-2001-1384

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.2.x through 2.2.19 Linux kernel versions 2.4.x through 2.4.9 e2fsprogs version 1.23 e2fsprogs-devel version 1.23 modutils version 2.4.6 initscripts version 5.84.1 filesystem version 2.1.0 mkinitrd version 3.2.6 krb5-libs version 1.2.2

Description The issue is related to multiple vulnerabilities in the Linux kernel and other packages, which can lead to a breach of confidentiality, integrity, and availability of protected information. Exploitation of these vulnerabilities can be done locally or remotely. The ptrace component in Linux is also affected by errors in the code, allowing a local attacker to elevate their privileges to the root user level by combining system calls exec and ptrace.

Recommendations For Linux kernel versions 2.2.x through 2.2.19, update to a newer version to mitigate the risk. For Linux kernel versions 2.4.x through 2.4.9, update to a newer version to mitigate the risk. For e2fsprogs version 1.23, update to a newer version to mitigate the risk. For e2fsprogs-devel version 1.23, update to a newer version to mitigate the risk. For modutils version 2.4.6, update to a newer version to mitigate the risk. For initscripts version 5.84.1, update to a newer version to mitigate the risk. For filesystem version 2.1.0, update to a newer version to mitigate the risk. For mkinitrd version 3.2.6, update to a newer version to mitigate the risk. For krb5-libs version 1.2.2, update to a newer version to mitigate the risk. As a temporary workaround, consider disabling the ptrace component until a patch is available.