Debian Security Advisory

DSA-417-1 linux-kernel-2.4.18-powerpc+alpha -- missing boundary check

Date Reported:
07 Jan 2004
Affected Packages:
kernel-patch-2.4.18-powerpc, kernel-image-2.4.18-1-alpha
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 9356.
In Mitre's CVE dictionary: CVE-2003-0961, CVE-2003-0985.
More information:

Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug.

Andrew Morton discovered a missing boundary check for the brk system call which can be used to craft a local root exploit.

For the stable distribution (woody) these problems have been fixed in version 2.4.18-12 for the alpha architecture and in version 2.4.18-1woody3 for the powerpc architecture.

For the unstable distribution (sid) these problems will be fixed soon with newly uploaded packages.

We recommend that you upgrade your kernel packages. These problems have been fixed in the upstream version 2.4.24 as well.

Fixed in:

Debian GNU/Linux 3.0 (woody)

Architecture-independent component:

MD5 checksums of the listed files are available in the original advisory.

MD5 checksums of the listed files are available in the revised advisory.