CVE-2003-0001

Name of the Vulnerable Software and Affected Versions Red Hat Linux kernel versions 2.2.24 through 2.4.18 Red Hat Linux kernel-enterprise versions 2.2.24 Red Hat Linux kernel-smp versions 2.2.24 through 2.4.18 Red Hat Linux kernel-iseries version 2.4.18 Red Hat Linux pcmcia-modules version 2.4.18-bf2.4 Debian GNU/Linux pcmcia-modules version 2.4.18-bf2.4 Red Hat Linux kernel-pcmcia-cs version 2.2.24 Red Hat Linux kernel-headers version 2.2.24 Red Hat Linux kernel-source versions 2.2.24 through 2.4.18 Red Hat Linux kernel-utils version 2.2.24 Red Hat Linux kernel-BOOT versions 2.2.24 through 2.4.18 Red Hat Linux kernel-doc versions 2.2.24 through 2.4.18 Red Hat Linux kernel-pseries version 2.4.18 Red Hat Linux iptables version 1.2.5 Red Hat Linux iptables-ipv6 version 1.2.5 Red Hat Linux modutils version 2.4.22 Red Hat Linux modutils-devel version 2.4.22 Red Hat Linux cross-ppc64 (affected versions not specified) Red Hat Linux kernel-bigmem version 2.4.18 Red Hat Linux kernel-debug version 2.4.18 Red Hat Linux kernel-ibcs version 2.2.24 Debian GNU/Linux mkcramfs (affected versions not specified)

Description The issue affects multiple packages in Red Hat Linux and Debian GNU/Linux operating systems, potentially leading to confidentiality, integrity, and availability breaches of protected information. Exploitation can be local or remote, depending on the package. For instance, the vulnerability in ethernet Network Interface Card (NIC) device drivers allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.

Recommendations For Red Hat Linux kernel versions 2.2.24 through 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-enterprise versions 2.2.24, update to a version that contains a fix for this issue. For Red Hat Linux kernel-smp versions 2.2.24 through 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-iseries version 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux pcmcia-modules version 2.4.18-bf2.4, update to a version that contains a fix for this issue. For Debian GNU/Linux pcmcia-modules version 2.4.18-bf2.4, update to a version that contains a fix for this issue. For Red Hat Linux kernel-pcmcia-cs version 2.2.24, update to a version that contains a fix for this issue. For Red Hat Linux kernel-headers version 2.2.24, update to a version that contains a fix for this issue. For Red Hat Linux kernel-source versions 2.2.24 through 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-utils version 2.2.24, update to a version that contains a fix for this issue. For Red Hat Linux kernel-BOOT versions 2.2.24 through 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-doc versions 2.2.24 through 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-pseries version 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux iptables version 1.2.5, update to a version that contains a fix for this issue. For Red Hat Linux iptables-ipv6 version 1.2.5, update to a version that contains a fix for this issue. For Red Hat Linux modutils version 2.4.22, update to a version that contains a fix for this issue. For Red Hat Linux modutils-devel version 2.4.22, update to a version that contains a fix for this issue. For Red Hat Linux cross-ppc64, at the moment, there is no information about a newer version that contains a fix for this issue. For Red Hat Linux kernel-bigmem version 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-debug version 2.4.18, update to a version that contains a fix for this issue. For Red Hat Linux kernel-ibcs version 2.2.24, update to a version that contains a fix for this issue. For Debian GNU/Linux mkcramfs, at the moment, there is no information about a newer version that contains a fix for this issue.