Multiple Local Linux Kernel Vulnerabilities

BID:9985

Info

Multiple Local Linux Kernel Vulnerabilities

Bugtraq ID: 9985
Class: Unknown
CVE: CVE-2004-0178
Remote: No
Local: Yes
Published: Mar 26 2004 12:00AM
Updated: Jul 12 2009 05:56PM
Credit: These issues were announced in a Conectiva advisory. The discoverer(s) are currently unknown.
Vulnerable: Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
SGI ProPack 3.0
Redhat Enterprise Linux WS 2.1
Redhat Enterprise Linux ES 2.1
Redhat Enterprise Linux AS 2.1
Linux kernel 2.4.21 pre7
Linux kernel 2.4.21 pre4
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
Linux kernel 2.4.21 pre1
Linux kernel 2.4.21
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ SuSE SUSE Linux Enterprise Server 8
Linux kernel 2.4.20
+ CRUX CRUX Linux 1.0
+ Gentoo Linux 1.4
+ Gentoo Linux 1.2
+ Redhat Linux 9.0 i386
+ Slackware Linux 9.0
+ WOLK WOLK 4.4 s
Linux kernel 2.4.19 -pre6
Linux kernel 2.4.19 -pre5
Linux kernel 2.4.19 -pre4
Linux kernel 2.4.19 -pre3
Linux kernel 2.4.19 -pre2
Linux kernel 2.4.19 -pre1
Linux kernel 2.4.19
+ Conectiva Linux Enterprise Edition 1.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Slackware Linux -current
+ SuSE Linux 8.1
+ SuSE SUSE Linux Enterprise Server 8
+ SuSE SUSE Linux Enterprise Server 7
Linux kernel 2.4.18 pre-8
Linux kernel 2.4.18 pre-7
Linux kernel 2.4.18 pre-6
Linux kernel 2.4.18 pre-5
Linux kernel 2.4.18 pre-4
Linux kernel 2.4.18 pre-3
Linux kernel 2.4.18 pre-2
Linux kernel 2.4.18 pre-1
Linux kernel 2.4.18 x86
+ Debian Linux 3.0 ia-32
Linux kernel 2.4.18
+ Astaro Security Linux 2.0 23
+ Astaro Security Linux 2.0 16
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0
+ Redhat Advanced Workstation for the Itanium Processor 2.1 IA64
+ Redhat Advanced Workstation for the Itanium Processor 2.1
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Linux 8.0
+ Redhat Linux 7.3
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server 0
+ S.u.S.E. Linux Firewall on CD
+ S.u.S.E. Linux Office Server
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. SuSE eMail Server 3.1
+ S.u.S.E. SuSE eMail Server III
+ SuSE Linux 8.1
+ SuSE Linux 8.0
+ SuSE Linux 7.3
+ SuSE Linux 7.2
+ SuSE Linux 7.1
+ SuSE Linux Openexchange Server
+ SuSE SUSE Linux Enterprise Server 8
+ SuSE SUSE Linux Enterprise Server 7
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Linux kernel 2.4.17
Linux kernel 2.4.16
+ Sun Cobalt RaQ 550
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
Linux kernel 2.4.12
Linux kernel 2.4.11
Linux kernel 2.4.10
+ SuSE Linux 7.3
Linux kernel 2.4.9
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.2 alpha
+ Redhat Linux 7.1 ia64
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
+ Sun Linux 5.0.5
+ Sun Linux 5.0.3
+ Sun Linux 5.0
Linux kernel 2.4.8
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0
Linux kernel 2.4.7
+ Redhat Linux 7.2
+ SuSE Linux 7.2
+ SuSE Linux 7.1
Linux kernel 2.4.6
Linux kernel 2.4.5
+ Slackware Linux 8.0
Linux kernel 2.4.4
+ SuSE Linux 7.2
Linux kernel 2.4.3
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
Linux kernel 2.4.2
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
Linux kernel 2.4.1
Linux kernel 2.4 .0-test9
Linux kernel 2.4 .0-test8
Linux kernel 2.4 .0-test7
Linux kernel 2.4 .0-test6
Linux kernel 2.4 .0-test5
Linux kernel 2.4 .0-test4
Linux kernel 2.4 .0-test3
Linux kernel 2.4 .0-test2
Linux kernel 2.4 .0-test12
Linux kernel 2.4 .0-test11
Linux kernel 2.4 .0-test10
Linux kernel 2.4 .0-test1
Linux kernel 2.4
Gentoo Linux 1.4
Not Vulnerable:

Discussion

Multiple Local Linux Kernel Vulnerabilities

Multiple local vulnerabilities were reported in the Linux Kernel. These issues could permit information disclosure via the ext3 filesystem, system crash through buggy SoundBlaster code, a system crash via a bug in Kernel DRI support and a denial of service via mremap.

These issues appear to affect the 2.4 Kernel. Few details are known at this time.

Exploit / POC

Multiple Local Linux Kernel Vulnerabilities

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Multiple Local Linux Kernel Vulnerabilities

Solution:
SGI has made available Patch 10096 and advisory (20040804-01-U), correcting this and other vulnerabilities for systems running SGI ProPack 3.

Patch 10096 is available from:
ftp://patches.sgi.com/support/free/security/patches/ProPack/3/

Please see the referenced advisory for further details regarding obtaining and applying appropriate updates.

Conectiva has released advisory CLA-2004:846 to provide Kernel updates to address this and other issues for Conectiva 8 and 9. Please see the referenced advisory for further details regarding obtaining and applying appropriate updates.

Turbolinux has released a security announcement (TLSA-2004-05-21) providing fixes that can be applied to x86 architecture based computers. Turbolinux users are advised to employ the turboupdate, turbopkg, and zabom utilities as a Superuser in order to obtain and apply appropriate fixes. Please see the referenced advisory for further details regarding obtaining and applying fixes.

Conectiva has released advisory CLSA-2004:829 to provide Kernel updates for CLEE 1.0. Please see the attached advisory for details on how to apply updates.

Debian has released advisories DSA 479-1 and DSA 482-1 as well as fixes dealing with this and other issues. Please see the attached advisory for more information and details on obtaining fixes.

Mandrake has released advisory MDKSA-2004:029 along with fixes that deal with some of the issues described in this BID. Please see the reference section for more information and details on obtaining fixes.

Debian has released an update to the advisory DSA 479-1 providing fixes that deal with the IA-32 architecture. Apparently the original fixes are broken due to a build error. Please see the attached advisory for more information and details on obtaining updated fixes.

Debian has released advisory DSA 489-1 to provide updates for Linux 2.4.17 for the PowerPC/apus and S/390 architectures. Please see the attached advisory for details on applying and obtaining fixes.

Debian has released advisory DSA 491-1 to provide updates for Linux 2.4.19 on the MIPS architecture. Please see the attached advisory for details on applying and obtaining fixes.

RedHat has released an advisory (FEDORA-2004-111) to address various issues in Fedora. Please see the referenced advisory for more information.

Debian has released an advisory (DSA 495-1) to address various issues in the Linux kernel. This advisory contains fixes for the ARM architecture. Please see the referenced advisory for more information.

Gentoo Linux has released advisory GLSA 200407-02 addressing this and other issues. Please see the referenced advisory for further information about this issue and information on upgrading packages using emerge.

Red Hat has released advisories RHSA-2004:413-07, and RHSA-2004:437-02 along with fixes to address this issue on Red Hat Linux Enterprise 2.1 and 3.0 platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.


Linux kernel 2.4.16

Linux kernel 2.4.17

Linux kernel 2.4.18

Linux kernel 2.4.19

Linux kernel 2.4.21

Linux kernel 2.4.5

Linux kernel 2.4.9

References

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report