Mandrake Linux Security Advisory : kernel (MDKSA-2003:110)
High Nessus Plugin ID 14092
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable; an exploit is in the wild at this time.
The Mandrake Linux 9.2 kernels are not vulnerable to this problem as the fix for it is already present in kernel version 2.4.22-21mdk (provided in MDKA-2003:021).
MandrakeSoft encourages all users to upgrade their systems immediately.
To upgrade your kernel, please use the documentation available online :
SolutionUpdate the affected packages.