Debian DSA-444-1 : linux-kernel-2.4.17-ia64 - missing function return value check

high Nessus Plugin ID 15281

Synopsis

The remote Debian host is missing a security-related update.

Description

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges.

Solution

Upgrade the Linux kernel packages immediately.

For the stable distribution (woody) this problem has been fixed in version 011226.16 of ia64 kernel source and images.

Other architectures are or will be mentioned in a separate advisory respectively or are not affected (m68k).

This problem is also fixed in the upstream version of Linux 2.4.25 and 2.6.3.

Vulnerability matrix for CAN-2004-0077

See Also

http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt

http://www.debian.org/security/2004/dsa-444

Plugin Details

Severity: High

ID: 15281

File Name: debian_DSA-444.nasl

Version: 1.29

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-ia64, cpe:/o:debian:debian_linux:3.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/20/2004

Reference Information

CVE: CVE-2004-0077

BID: 9686

CERT: 981222

DSA: 444