Debian 3.0 DSA 433-1 Critical: Kernel Integer Overflow Root Access
debian
February 4, 2004
Integer overflow in the do_brk() function of the Linux kernel allows local users to gain root privileges.
Topics Covered
Summary
RedHat and SuSE kernel and security teams revealed an integer overflow
in the do_brk() function of the Linux kernel allows local users to
gain root privileges.
For the stable distribution (woody) this problem has been fixed in
version 2.4.17-0.020226.2.woody4. Other architectures are already or
will be fixed separately.
For the unstable distribution (sid) this problem will be fixed soon
with newly uploaded packages.
We recommend that you upgrade your kernel image packages for the mips
and mipsel architectures. This problem has been fixed in the upstream
version 2.4.23 as well and is also present in 2.4.24, of course.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by addin...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: kernel-patch-2.4.17-mips
CVE ID: CAN-2003-0961
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!