|
Family: Slackware Local Security Checks --> Category: infos
SSA-2004-119-01 kernel security updates Vulnerability Scan
Vulnerability Scan Summary SSA-2004-119-01 kernel security updates
Detailed Explanation for this Vulnerability Test
New kernel packages are available for Slackware 9.1 and -current to
fix security issues. Also available are new kernel modules packages
(including alsa-driver), and a new version of the hotplug package
for Slackware 9.1 containing some fixes for using 2.4.26 (and 2.6.x)
kernel modules.
The most serious of the fixed issues is an overflow in ip_setsockopt(),
which could allow a local attacker to gain root access, or to crash or
reboot the machine. This bug affects 2.4 kernels from 2.4.22 - 2.4.25.
Any sites running one of those kernel versions should upgrade right
away. After installing the new kernel, be sure to run 'lilo'.
More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0424
Click HERE for more information and discussions on this network vulnerability scan.
|