PT-2001-2686 · Red Hat+2 · Losetup+5

Published

1970-01-01

Updated

2016-12-08

CVE-2001-1396

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.2.19 Debian GNU/Linux kernel-image-2.2.19-sun4dm-pci version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-sun4dm-smp version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-mac version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-ide version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-atari version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-amiga version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-mvme147 version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-mvme16x version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-generic version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-idepci version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-compact version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-jensen version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-chrp version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-prep version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-sun4u version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-pmac version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-sun4u-smp version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-sun4cdm version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-nautilus version 2.2.19 Debian GNU/Linux kernel-image-2.2.19-bvme6000 version 2.2.19 Debian GNU/Linux kernel-headers-2.2.19-ide version 2.2.19 Debian GNU/Linux kernel-headers-2.2.19-idepci version 2.2.19 Debian GNU/Linux kernel-headers-2.2.19-sparc version 2.2.19 Debian GNU/Linux kernel-headers-2.2.19-compact version 2.2.19 Red Hat Linux mount-2.10r-0.6.x version 2.10r-0.6.x Red Hat Linux mount-2.10r-5 version 2.10r-5 Red Hat Linux losetup-2.10r-0.6.x version 2.10r-0.6.x Red Hat Linux losetup-2.10r-5 version 2.10r-5 Red Hat Linux nfs-utils-0.3.1 version 0.3.1

Description The issue affects the Linux kernel and various packages in Debian GNU/Linux and Red Hat Linux, potentially leading to confidentiality, integrity, and availability breaches. Exploitation can be done remotely.

Recommendations As a temporary workaround, consider disabling the strnlen user function until a patch is available. For Linux kernel versions prior to 2.2.19, update to version 2.2.19 or later. For Debian GNU/Linux kernel-image-2.2.19-sun4dm-pci version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-sun4dm-smp version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-mac version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-ide version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-atari version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-amiga version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-mvme147 version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-mvme16x version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-generic version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-idepci version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-compact version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-jensen version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-chrp version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-prep version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-sun4u version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-pmac version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-sun4u-smp version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-sun4cdm version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-nautilus version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-image-2.2.19-bvme6000 version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-headers-2.2.19-ide version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-headers-2.2.19-idepci version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-headers-2.2.19-sparc version 2.2.19, update to a newer version. For Debian GNU/Linux kernel-headers-2.2.19-compact version 2.2.19, update to a newer version. For Red Hat Linux mount-2.10r-0.6.x version 2.10r-0.6.x, update to a newer version. For Red Hat Linux mount-2.10r-5 version 2.10r-5, update to a newer version. For Red Hat Linux losetup-2.10r-0.6.x version 2.10r-0.6.x, update to a newer version. For Red Hat Linux losetup-2.10r-5 version 2.10r-5, update to a newer version. For Red Hat Linux nfs-utils-0.3.1 version 0.3.1, update to a newer version.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-193

Related Identifiers

BDU:2015-03682

BDU:2015-03683

BDU:2015-03684

BDU:2015-03685

BDU:2015-03686

BDU:2015-03687

BDU:2015-03688

BDU:2015-03689

BDU:2015-03690

BDU:2015-03691

BDU:2015-03692

BDU:2015-03693

BDU:2015-03694

BDU:2015-03695

BDU:2015-03696

BDU:2015-03697

BDU:2015-03698

BDU:2015-03699

BDU:2015-03700

BDU:2015-03701

BDU:2015-03702

BDU:2015-03703

BDU:2015-03704

BDU:2015-03705

BDU:2015-03706

BDU:2015-03707

BDU:2015-03708

BDU:2015-03709

BDU:2015-08156

BDU:2015-08157

BDU:2015-08165

BDU:2015-08166

BDU:2015-08173

CVE-2001-1396

Affected Products

Debian

Linux Kernel

Red Hat

Losetup

Mount

Nfs-Utils

PT-2001-2686 · Red Hat+2 · Losetup+5

CVE-2001-1396

Weakness Enumeration

Related Identifiers

Affected Products

References · 58