PT-2004-3723 · Linux+1 · Linux Kernel+1

Published

1970-01-01

·

Updated

2017-10-11

·

CVE-2004-0138

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.4.25 Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version Debian GNU/Linux kernel-image-2.4.18-sun4u version Debian GNU/Linux kernel-patch-benh version Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version Debian GNU/Linux kernel-headers-2.4.19-sparc version Debian GNU/Linux kernel-headers-2.4.18-sparc version Debian GNU/Linux kernel-image-2.4.19-sun4u version
Description The issue allows local users to cause a denial of service via a crafted ELF file with an interpreter with an invalid arch, which triggers a BUG when an invalid VMA is unmapped. Multiple vulnerabilities in Debian GNU/Linux kernel packages may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.
Recommendations For Linux kernel versions prior to 2.4.25, update to version 2.4.25 or later to resolve the issue. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.18-sun4u, consider applying available security patches or updates. For Debian GNU/Linux kernel-patch-benh, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp, consider applying available security patches or updates. For Debian GNU/Linux kernel-headers-2.4.19-sparc, consider applying available security patches or updates. For Debian GNU/Linux kernel-headers-2.4.18-sparc, consider applying available security patches or updates. For Debian GNU/Linux kernel-image-2.4.19-sun4u, consider applying available security patches or updates.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

BDU:2015-03380
BDU:2015-03381
BDU:2015-03382
BDU:2015-03383
BDU:2015-03384
BDU:2015-03385
BDU:2015-03576
BDU:2015-03577
CVE-2004-0138
DSA-1067-1
DSA-1069-1
DSA-1070-1
DSA-1082-1
RHSA-2004:549

Affected Products

Debian
Linux Kernel