Family: Debian Local Security Checks --> Category: infos
[DSA417] DSA-417-1 linux-kernel-2.4.18-powerpc+alpha Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Paul Starzetz discovered a flaw in bounds checking in mremap() in the
Linux kernel (present in version 2.4.x and 2.6.x) which may allow a
local attacker to gain root rights. Version 2.2 is not affected
by this bug.
Andrew Morton discovered a missing boundary check for the brk system
call which can be used to craft a local root exploit.
For the stable distribution (woody) these problems have been fixed in
version 2.4.18-12 for the alpha architecture and in
version 2.4.18-1woody3 for the powerpc architecture.
For the unstable distribution (sid) these problems will be fixed soon
with newly uploaded packages.
We recommend that you upgrade your kernel packages. These problems have
been fixed in the upstream version 2.4.24 as well.
Solution : http://www.debian.org/security/2004/dsa-417
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.