CVE-2003-0550

Name of the Vulnerable Software and Affected Versions Red Hat Linux kernel versions 2.4.20 Red Hat Linux kernel-smp versions 2.4.20 Red Hat Linux kernel-doc versions 2.4.20 Red Hat Linux kernel-BOOT versions 2.4.20 Red Hat Linux kernel-source versions 2.4.20 Red Hat Linux kernel-bigmem versions 2.4.20 Linux versions 2.4.x

Description The issue concerns multiple vulnerabilities in the kernel package of Red Hat Linux, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Additionally, the STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, allowing attackers to modify the bridge topology.

Recommendations For Red Hat Linux kernel versions 2.4.20, consider updating to a newer version to mitigate the risk. For Red Hat Linux kernel-smp versions 2.4.20, consider updating to a newer version to mitigate the risk. For Red Hat Linux kernel-doc versions 2.4.20, consider updating to a newer version to mitigate the risk. For Red Hat Linux kernel-BOOT versions 2.4.20, consider updating to a newer version to mitigate the risk. For Red Hat Linux kernel-source versions 2.4.20, consider updating to a newer version to mitigate the risk. For Red Hat Linux kernel-bigmem versions 2.4.20, consider updating to a newer version to mitigate the risk. For Linux versions 2.4.x, consider disabling the STP protocol or restricting its use to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.