PT-2001-2689 · Red Hat+2 · Losetup+4
Published: 1970-01-01 · Updated: 2016-12-08
CVE-2001-1399
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Debian GNU/Linux kernel-image-2.2.19 versions prior to 2.2.19
Red Hat Linux mount versions 2.10r-0.6.x
Red Hat Linux mount versions 2.10r-5
Red Hat Linux losetup versions 2.10r-0.6.x
Red Hat Linux losetup versions 2.10r-5
Red Hat Linux nfs-utils version 0.3.1
Description
The issue affects multiple packages in Debian GNU/Linux and Red Hat Linux, allowing remote exploitation that may lead to a breach of confidentiality, integrity, and availability of protected information. Certain operations in the Linux kernel before version 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory.
Recommendations
For Debian GNU/Linux kernel-image-2.2.19 versions prior to 2.2.19, update to version 2.2.19 or later.
For Red Hat Linux mount versions 2.10r-0.6.x and 2.10r-5, update to a version later than 2.10r-5.
For Red Hat Linux losetup versions 2.10r-0.6.x and 2.10r-5, update to a version later than 2.10r-5.
For Red Hat Linux nfs-utils version 0.3.1, update to a version later than 0.3.1.
As a temporary workaround, consider restricting access to the vulnerable components until a patch is available.
Affected Products
Debian
Linux Kernel
Losetup
Mount
Nfs-Utils