J-Security Center

Title: Linux Kernel 2.4.18 Security Issues

Severity: MODERATE

Description:

Red Hat has issued an advisory reporting the correction of several vulnerabilities in version 2.4.18 of the Linux kernel. Some of the security issues are related to the following device drivers:

stradis
rio500
se401
usbvideo
apm

Furhermore, vulnerabilities reportedly exist in components of the procfs virtual filesystem that may cause kernel memory to be exposed. It should be assumed that at the very least, local attackers may exploit these vulnerabilities to elevate privileges.

SecurityFocus is currently completing analysis of the reported vulnerabilities and will issue individual alerts for each.

Affected Products:

  • Astaro Security Linux 2.0.0 16
  • Astaro Security Linux 2.0.0 23
  • Debian Linux 3.0.0 alpha
  • Debian Linux 3.0.0 arm
  • Debian Linux 3.0.0 hppa
  • Debian Linux 3.0.0 ia-32
  • Debian Linux 3.0.0 ia-64
  • Debian Linux 3.0.0 m68k
  • Debian Linux 3.0.0 mips
  • Debian Linux 3.0.0 mipsel
  • Debian Linux 3.0.0 ppc
  • Debian Linux 3.0.0 s/390
  • Debian Linux 3.0.0 sparc
  • Linux kernel 2.4.18
  • Linux kernel 2.4.18 pre-1
  • Linux kernel 2.4.18 pre-2
  • Linux kernel 2.4.18 pre-3
  • Linux kernel 2.4.18 pre-4
  • Linux kernel 2.4.18 pre-5
  • Linux kernel 2.4.18 pre-6
  • Linux kernel 2.4.18 pre-7
  • Linux kernel 2.4.18 pre-8
  • Linux kernel 2.4.19 -pre1
  • Linux kernel 2.4.19 -pre2
  • Linux kernel 2.4.19 -pre3
  • Linux kernel 2.4.19 -pre4
  • Linux kernel 2.4.19 -pre5
  • Linux kernel 2.4.19 -pre6
  • MandrakeSoft Linux Mandrake 8.0.0
  • MandrakeSoft Linux Mandrake 8.1.0
  • MandrakeSoft Linux Mandrake 8.2.0
  • RedHat Advanced Workstation for the Itanium Processor 2.1.0
  • RedHat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • RedHat Enterprise Linux AS 2.1 IA64
  • RedHat Linux 7.3.0
  • RedHat Linux 8.0.0
  • S.u.S.E. Linux 7.1.0
  • S.u.S.E. Linux 7.2.0
  • S.u.S.E. Linux 7.3.0
  • S.u.S.E. Linux 8.0.0
  • S.u.S.E. Linux 8.1.0
  • S.u.S.E. Linux Connectivity Server
  • S.u.S.E. Linux Database Server
  • S.u.S.E. Linux Enterprise Server 7
  • S.u.S.E. Linux Enterprise Server 8
  • S.u.S.E. Linux Firewall on CD
  • S.u.S.E. Linux Office Server
  • S.u.S.E. Linux Openexchange Server
  • S.u.S.E. Linux Personal 8.2.0
  • S.u.S.E. SuSE eMail Server 3.1.0
  • S.u.S.E. SuSE eMail Server III
  • Turbolinux Turbolinux Server 7.0.0
  • Turbolinux Turbolinux Server 8.0.0
  • Turbolinux Turbolinux Workstation 7.0.0
  • Turbolinux Turbolinux Workstation 8.0.0

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.