CVE-2004-1335

Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version Debian GNU/Linux kernel-image-2.4.18-sun4u version Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version Debian GNU/Linux kernel-image-2.4.19-sparc version Debian GNU/Linux kernel-image-2.4.19-sun4u version Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version Linux kernel versions prior to 2.6.10

Description The issue involves multiple vulnerabilities in the Linux kernel of Debian GNU/Linux, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. A memory leak in the ip options get function allows local users to cause a denial of service by repeatedly calling the ip cmsg send function.

Recommendations For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs version, update to a version that includes the security patches. For Debian GNU/Linux kernel-image-2.4.18-sun4u version, update to a version that includes the security patches. For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp version, update to a version that includes the security patches. For Debian GNU/Linux kernel-image-2.4.19-sparc version, update to a version that includes the security patches. For Debian GNU/Linux kernel-image-2.4.19-sun4u version, update to a version that includes the security patches. For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp version, update to a version that includes the security patches. For Linux kernel versions prior to 2.6.10, update to version 2.6.10 or later to fix the memory leak issue in the ip options get function.