CVE-2004-0181

Name of the Vulnerable Software and Affected Versions Linux versions 2.4.x aa-sources versions prior to 2.4.23-r2

Description The issue concerns an information leak in the JFS file system code in Linux, allowing local users to obtain sensitive information by reading the raw device. Additionally, there are multiple vulnerabilities in the aa-sources package of Gentoo Linux, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally.

Recommendations For Linux versions 2.4.x, consider updating to a version that does not contain the JFS file system code vulnerability. For aa-sources versions prior to 2.4.23-r2, update to version 2.4.23-r2 or later to resolve the vulnerabilities.