PT-2004-3742 · Linux+2 · Linux Kernel+2
Published: 1970-01-01 · Updated: 2017-10-11
CVE-2005-0003
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Debian GNU/Linux kernel-image-2.4.19-sun4u-smp versions
Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs versions
Debian GNU/Linux kernel-image-2.4.18-sun4u versions
Debian GNU/Linux kernel-patch-benh versions
Debian GNU/Linux kernel-image-2.4.18-sun4u-smp versions
Debian GNU/Linux kernel-headers-2.4.19-sparc versions
Debian GNU/Linux kernel-headers-2.4.18-sparc versions
Debian GNU/Linux kernel-image-2.4.19-sun4u versions
Linux kernel versions prior to 2.6.10
Description
The issue involves multiple vulnerabilities in the Linux kernel of Debian GNU/Linux, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Additionally, there is an issue with the 64-bit ELF support in Linux kernel versions prior to 2.6.10 on 64-bit architectures, where improper checking for overlapping VMA allocations allows local users to cause a denial of service or execute arbitrary code via a crafted ELF or a.out file.
Recommendations
For Debian GNU/Linux kernel-image-2.4.19-sun4u-smp, consider disabling the vulnerable kernel until a patch is available.
For Debian GNU/Linux kernel-image-2.4.18-powerpc-xfs, restrict access to the vulnerable kernel to minimize the risk of exploitation.
For Debian GNU/Linux kernel-image-2.4.18-sun4u, avoid using the vulnerable kernel in production environments until the issue is resolved.
For Debian GNU/Linux kernel-patch-benh, consider applying a patch or updating to a newer version of the kernel.
For Debian GNU/Linux kernel-image-2.4.18-sun4u-smp, restrict access to the vulnerable kernel to minimize the risk of exploitation.
For Debian GNU/Linux kernel-headers-2.4.19-sparc, consider updating to a newer version of the kernel headers.
For Debian GNU/Linux kernel-headers-2.4.18-sparc, restrict access to the vulnerable kernel headers to minimize the risk of exploitation.
For Debian GNU/Linux kernel-image-2.4.19-sun4u, consider disabling the vulnerable kernel until a patch is available.
For Linux kernel versions prior to 2.6.10, update to version 2.6.10 or later to resolve the issue.
Fix
Related Identifiers
Affected Products
Debian
Linux Kernel
Red Hat