CVE-2004-0394

Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel-image-2.4.19-sun4u-smp versions 2.4.19 Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs versions 2.4.18 Debian GNU/Linux kernel-image-2.4.18-sun4u versions 2.4.18 Debian GNU/Linux kernel-patch-benh (affected versions not specified) Debian GNU/Linux kernel-image-2.4.18-sun4u-smp versions 2.4.18 Debian GNU/Linux kernel-headers-2.4.19-sparc versions 2.4.19 Debian GNU/Linux kernel-headers-2.4.18-sparc versions 2.4.18 Debian GNU/Linux kernel-image-2.4.19-sun4u versions 2.4.19 Gentoo Linux aa-sources versions prior to 2.4.23-r2

Description The issue involves multiple vulnerabilities in the Linux kernel packages of various operating systems, including Debian GNU/Linux and Gentoo Linux. These vulnerabilities can be exploited remotely or locally, leading to a breach of confidentiality, integrity, and availability of protected information. A potential buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic(). The vulnerabilities can be exploited to disrupt the security of the affected systems.

Recommendations For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version 2.4.19, update to a newer version. For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version 2.4.18, update to a newer version. For Debian GNU/Linux kernel-image-2.4.18-sun4u version 2.4.18, update to a newer version. For Debian GNU/Linux kernel-patch-benh, update to a newer version. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version 2.4.18, update to a newer version. For Debian GNU/Linux kernel-headers-2.4.19-sparc version 2.4.19, update to a newer version. For Debian GNU/Linux kernel-headers-2.4.18-sparc version 2.4.18, update to a newer version. For Debian GNU/Linux kernel-image-2.4.19-sun4u version 2.4.19, update to a newer version. For Gentoo Linux aa-sources versions prior to 2.4.23-r2, update to version 2.4.23-r2 or later.