PT-2002-1028 · Linux+1 · Linux Kernel+1

Published

2002-09-23

·

Updated

2017-10-10

·

CVE-2002-1319

CVSS v2.0

7.2

High

VectorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.4.20 and earlier, and 2.5.x Red Hat Linux kernel versions 2.2.22 and earlier, and 2.4.18 and earlier
Description The issue allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. Exploitation of the vulnerability can lead to disruption of confidentiality, integrity, and availability of protected information. The vulnerability can be exploited locally.
Recommendations For Linux kernel versions 2.4.20 and earlier, and 2.5.x, update to a version that properly clears TF and NT EFLAGs in emulation mode. For Red Hat Linux kernel versions 2.2.22 and earlier, and 2.4.18 and earlier, update to a version that fixes the vulnerability. As a temporary workaround, consider disabling the emulation mode until a patch is available. Restrict access to the vulnerable kernel modules to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

BDU:2015-07764
BDU:2015-07765
BDU:2015-07766
BDU:2015-07767
BDU:2015-07768
BDU:2015-07769
BDU:2015-07770
BDU:2015-07771
BDU:2015-07772
BDU:2015-07773
BDU:2015-07774
BDU:2015-07934
BDU:2015-07935
BDU:2015-07938
BDU:2015-07939
BDU:2015-07942
BDU:2015-07953
BDU:2015-07956
CVE-2002-1319

Affected Products

Linux Kernel
Red Hat Linux Kernel