PT-2001-2687 · Red Hat+2 · Losetup+4

Published

1970-01-01

·

Updated

2016-12-08

·

CVE-2001-1397

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel-image-2.2.19 versions prior to 2.2.19 Red Hat Linux mount versions prior to 2.10r-5 Red Hat Linux losetup versions prior to 2.10r-5 Red Hat Linux nfs-utils versions prior to 0.3.1
Description The issue affects the System V shared memory implementation for Linux kernel before 2.2.19, allowing attackers to modify recently freed memory. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of these vulnerabilities can be carried out remotely.
Recommendations For Debian GNU/Linux kernel-image-2.2.19 versions prior to 2.2.19, update to a version 2.2.19 or later. For Red Hat Linux mount versions prior to 2.10r-5, update to version 2.10r-5 or later. For Red Hat Linux losetup versions prior to 2.10r-5, update to version 2.10r-5 or later. For Red Hat Linux nfs-utils versions prior to 0.3.1, update to version 0.3.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-193

Related Identifiers

BDU:2015-03682
BDU:2015-03683
BDU:2015-03684
BDU:2015-03685
BDU:2015-03686
BDU:2015-03687
BDU:2015-03688
BDU:2015-03689
BDU:2015-03690
BDU:2015-03691
BDU:2015-03692
BDU:2015-03693
BDU:2015-03694
BDU:2015-03695
BDU:2015-03696
BDU:2015-03697
BDU:2015-03698
BDU:2015-03699
BDU:2015-03700
BDU:2015-03701
BDU:2015-03702
BDU:2015-03703
BDU:2015-03704
BDU:2015-03705
BDU:2015-03706
BDU:2015-03707
BDU:2015-03708
BDU:2015-03709
BDU:2015-08156
BDU:2015-08157
BDU:2015-08165
BDU:2015-08166
BDU:2015-08173
CVE-2001-1397

Affected Products

Debian
Linux Kernel
Losetup
Mount
Nfs-Utils