Executive Summary

Summary
Title New kernel packages fix potential "oops"
Informations
Name DSA-358 First vendor Publication 2003-08-05
Vendor Debian Last vendor Modification 2003-08-13
Severity (Vendor) N/A Revision 4

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

This advisory provides a correction to the previous kernel updates, which contained an error introduced in kernel-source-2.4.18 version 2.4.18-10. This error could result in a kernel "oops" under certain circumstances involving POSIX locks and multithreaded programs.

For the stable distribution (woody) on the i386 architecture, this problem has been fixed in kernel-source-2.4.18 version 2.4.18-13, kernel-image-2.4.18-i386bf version 2.4.18-5woody4, and kernel-image-2.4.18-1-i386 version 2.4.18-11.

For the stable distribution (woody) on the alpha architecture, this problem has been fixed in kernel-source-2.4.18 version 2.4.18-13 and kernel-image-2.4.18-1-alpha version 2.4.18-10.

For the unstable distribution (sid) this problem has been fixed in kernel-source-2.4.20 version 2.4.20-7.

We recommend that you update your kernel packages.

If you are using the kernel installed by the installation system when the "bf24" option is selected (for a 2.4.x kernel), you should install the kernel-image-2.4.18-bf2.4 package. If you installed a different kernel-image package after installation, you should install the corresponding 2.4.18-1 kernel. You may use the table below as a guide.

| If "uname -r" shows: | Install this package:

Original Source

Url : http://www.debian.org/security/2003/dsa-358

CWE : Common Weakness Enumeration

% Id Name

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:304
 
Oval ID: oval:org.mitre.oval:def:304
Title: Red Hat Linux Kernel Serial Link Information Disclosure Vulnerability
Description: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0461
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:309
 
Oval ID: oval:org.mitre.oval:def:309
Title: Linux Kernel execve Race Condition Vulnerability
Description: A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
Family: unix Class: vulnerability
Reference(s): CVE-2003-0462
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:327
 
Oval ID: oval:org.mitre.oval:def:327
Title: Linux Kernel execve Read Access to Restricted File Descriptors
Description: The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0476
 Version: 4
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:328
 
Oval ID: oval:org.mitre.oval:def:328
Title: Linux Kernel /proc/self setuid Vulnerability
Description: The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0501
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:380
 
Oval ID: oval:org.mitre.oval:def:380
Title: Insecure Design of the STP Protocol
Description: The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0550
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:384
 
Oval ID: oval:org.mitre.oval:def:384
Title: STP Protocol Length Verification Vulnerability
Description: The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0551
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:385
 
Oval ID: oval:org.mitre.oval:def:385
Title: Linux Kernel Bridge Forwarding Table Spoof Vulnerability
Description: Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0552
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:386
 
Oval ID: oval:org.mitre.oval:def:386
Title: Lunix Kernel NFSv3 Procedure Kernel Panic Vulnerability
Description: Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0619
 Version: 2
Platform(s): Red Hat Linux 9
 Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9330
 
Oval ID: oval:org.mitre.oval:def:9330
Title: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Description: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0461
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:997
 
Oval ID: oval:org.mitre.oval:def:997
Title: Red Hat Enterprise Linux 3 Kernel Serial Link Information Disclosure Vulnerability
Description: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0461
 Version: 4
Platform(s): Red Hat Enterprise Linux 3
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Os 389
Os 3
Os 1
Os 6

OpenVAS Exploits

Date Description
2008-01-17 Name : Debian Security Advisory DSA 358-1 (linux-kernel-i386, linux-kernel-alpha)
File : nvt/deb_358_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64)
File : nvt/deb_423_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
10298 Linux Kernel Serial Link Information Disclosure
10297 Linux Kernel env_start/env_end Race Condition DoS
10296 Linux Kernel execve System Call Arbitrary File Descriptor Read
10295 Linux Kernel /proc/self System Information Disclosure
10294 Linux Kernel STP Protocol Bridge Topology Modification
10293 Linux Kernel STP Protocol Malformed Length DoS
10292 Linux Kernel Bridge Forwarding Table Spoofing
4457 Linux Kernel O_DIRECT Deleted File Retrieval or File System Corruption
2353 Linux Kernel NFS XDR DoS

The Linux kernel contains a flaw that may allow a remote denial of service. The issue is that the "decode_fh" function in "nfs3xdr.c" fails to handle a negative size value in certain NFS calls, and will result in loss of availability for the platform.

Nessus® Vulnerability Scanner

Date Description
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-358.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-423.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2003-014.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2003-066.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2003-074.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2002-263.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2003-239.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2003-408.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-188.nasl - Type : ACT_GATHER_INFO
2003-08-01 Name : The remote NFS daemon is prone to a denial of service attack.
File : knfs_dos.nasl - Type : ACT_KILL_HOST

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2016-10-18 12:06:52
  • Multiple Updates
2016-10-08 01:03:53
  • Multiple Updates
2016-08-05 12:07:37
  • Multiple Updates
2014-02-17 11:32:49
  • Multiple Updates
2013-05-11 12:18:18
  • Multiple Updates