Debian Security Advisory

DSA-413-2 linux-kernel-2.4.18 -- missing boundary check

Date Reported:
06 Jan 2004
Affected Packages:
kernel-source-2.4.18, kernel-image-2.4.18-1-i386
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 9356.
In Mitre's CVE dictionary: CVE-2003-0985.
More information:

Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug, since it doesn't support the MREMAP_FIXED flag (as clarified later).

For the stable distribution (woody) this problem has been fixed in kernel-source version 2.4.18-14.1 and kernel-images versions 2.4.18-12.1 and 2.4.18-5woody6 (bf) for the i386 architecture.

For the unstable distribution (sid) this problem will be fixed soon with newly uploaded packages.

We recommend that you upgrade your kernel packages. This problem has been fixed in the upstream version 2.4.24 as well.

Fixed in:

Debian GNU/Linux 3.0 (woody)

Architecture-independent component:
Intel IA-32:

MD5 checksums of the listed files are available in the original advisory.