PT-2004-3733 · Linux · Linux Kernel
Paul Starzetz · Published 1970-01-01 · Updated 2017-10-11 · CVE-2004-1071
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version
Debian GNU/Linux kernel-image-2.4.18-sun4u version
Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version
Debian GNU/Linux kernel-image-2.4.19-sparc version
Debian GNU/Linux kernel-image-2.4.19-sun4u version
Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version
Linux kernel versions 2.4.x up to 2.4.27
Linux kernel versions 2.6.x up to 2.6.8
Description
The issue involves multiple vulnerabilities in the Linux kernel, which can be exploited to compromise the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The binfmt_elf loader in the Linux kernel does not properly handle a failed call to the mmap function, which results in an incorrectly mapped image and potentially allows local users to execute arbitrary code.
Recommendations
For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs, consider disabling the vulnerable kernel image until a patch is available.
For Debian GNU/Linux kernel-image-2.4.18-sun4u, consider disabling the vulnerable kernel image until a patch is available.
For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp, consider disabling the vulnerable kernel image until a patch is available.
For Debian GNU/Linux kernel-image-2.4.19-sparc, consider disabling the vulnerable kernel image until a patch is available.
For Debian GNU/Linux kernel-image-2.4.19-sun4u, consider disabling the vulnerable kernel image until a patch is available.
For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp, consider disabling the vulnerable kernel image until a patch is available.
For Linux kernel versions 2.4.x up to 2.4.27 and 2.6.x up to 2.6.8, consider updating to a newer version to mitigate the risk.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Linux Kernel