Mandrake Linux Security Advisory : kernel (MDKSA-2004:037)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.

Synopsis :

The remote Mandrake Linux host is missing one or more security

Description :

A vulnerability was found in the framebuffer driver of the 2.6 kernel.
This is due to incorrect use of the fb_copy_cmap function.

A vulnerability has been found in the Linux kernel in the
ip_setsockopt() function code. There is an exploitable integer
overflow inside the code handling the MCAST_MSFILTER socket option in
the IP_MSFILTER_SIZE macro calculation. This issue is present in both
2.4 (2.4.25) and 2.6 kernels. (CVE-2004-0424)
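
The kind of wrap-around described for the IP_MSFILTER_SIZE calculation, shown as an added example that is not code from the advisory or from the kernel source: a simplified size calculation evaluated in 32-bit arithmetic, next to a checked version. The header size, the function names and the sample values are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption, not the kernel's definition): a fixed
 * header followed by numsrc 4-byte source addresses, sized in 32-bit
 * unsigned arithmetic. */
#define HDR_BYTES  16u  /* constructed header size */
#define ADDR_BYTES 4u   /* one IPv4 source address */

/* Unchecked calculation: the multiplication wraps modulo 2^32, so a
 * huge count can produce a tiny size. */
static uint32_t filter_size_unchecked(uint32_t numsrc)
{
    return HDR_BYTES + numsrc * ADDR_BYTES;
}

/* Checked calculation: reject counts whose size cannot be represented,
 * and sizes larger than the length the caller actually supplied. */
static bool filter_size_checked(uint32_t numsrc, uint32_t optlen,
                                uint32_t *out)
{
    if (numsrc > (UINT32_MAX - HDR_BYTES) / ADDR_BYTES)
        return false;               /* would wrap */
    uint32_t need = HDR_BYTES + numsrc * ADDR_BYTES;
    if (need > optlen)
        return false;               /* count disagrees with buffer length */
    *out = need;
    return true;
}

int main(void)
{
    uint32_t numsrc = 0x40000000u;  /* constructed sample count */
    uint32_t size = 0;

    /* The computed size and the count no longer agree after the wrap. */
    printf("unchecked: numsrc=%u -> size=%u bytes\n",
           (unsigned)numsrc, (unsigned)filter_size_unchecked(numsrc));
    printf("checked:   numsrc=%u -> %s\n", (unsigned)numsrc,
           filter_size_checked(numsrc, 4096u, &size) ? "accepted" : "rejected");
    if (filter_size_checked(10u, 4096u, &size))
        printf("checked:   numsrc=10 -> size=%u bytes\n", (unsigned)size);
    return 0;
}
```

Any buffer allocated from the unchecked size is far smaller than the entry count implies, which is why the check has to happen before the size is used.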

There is a minor issue with the static buffer in the 2.4 kernel's
panic() function. Although it is possibly a buffer overflow, it is most
likely not exploitable due to the nature of panic(). (CVE-2004-0394)

In do_fork(), if an error occurs after the mm_struct for the child has
been allocated, it is never freed. The exit_mm() meant to free it
increments the mm_count and this count is never decremented. (For a
running process that is exiting, schedule() takes care of this; however,
the child process being cleaned up is not running.) In the CLONE_VM
case, the parent's mm_struct will get an extra mm_count and so it will
never be freed. This issue is present in both 2.4 and 2.6 kernels.

The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels.

To update your kernel, please follow the directions located at :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14136 (mandrake_MDKSA-2004-037.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0229
