linux-kernel-2.4.17-hppa -- several vulnerabilities

2004-04-01T00:00:00
ID DSA-470
Type debian
Reporter Debian
Modified 2004-04-01T00:00:00

Description

Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the hppa kernel 2.4.17 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update:

An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23.

Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24.

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.

For the stable distribution (woody) these problems have been fixed in version 32.3 of kernel-image-2.4.17-hppa.

For the unstable distribution (sid) these problems have been fixed in version 2.4.25-1 of kernel-image-2.4.25-hppa.

We recommend that you upgrade your Linux kernel packages immediately.

Vulnerability matrix for CAN-2004-0077