PT-2003-1100 · Red Hat+1
Trini
Published: 2003-05-22 · Updated: 2018-05-03
CVE-2003-0985
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.4.21
Red Hat Linux kernel-2.4.20
Red Hat Linux kernel-smp-2.4.20
Red Hat Linux kernel-doc-2.4.20
Red Hat Linux kernel-source-2.4.20
Red Hat Linux kernel-BOOT-2.4.20
Red Hat Linux kernel-bigmem-2.4.20
Description
The issue concerns multiple vulnerabilities in the Linux kernel, specifically affecting Red Hat Linux, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. A specific vulnerability in the mremap system call (do_mremap) in Linux kernel versions before 2.4.21 allows local users to cause a denial of service and possibly gain privileges by creating a zero-length virtual memory area (VMA).
Recommendations
For Linux kernel versions prior to 2.4.21, update to version 2.4.21 or later.
For Red Hat Linux kernel-2.4.20, consider disabling vulnerable functions until a patch is available.
For Red Hat Linux kernel-smp-2.4.20, kernel-doc-2.4.20, kernel-source-2.4.20, kernel-BOOT-2.4.20, and kernel-bigmem-2.4.20, restrict access to vulnerable components to minimize the risk of exploitation.
As a temporary workaround, consider restricting the use of the mremap system call (do_mremap) until a patch is available.
Affected Products
Linux Kernel
Red Hat