Vulnerabilities > CVE-2003-0986

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
linux
redhat
nessus
NVD
Published: 2003-12-31
Updated: 2023-11-07

Summary

Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.

Vulnerable Configurations

Part Description Count
OS
Linux
39
OS
Redhat
3

Nessus

NASL familyRed Hat Local Security Checks
NASL idREDHAT-RHSA-2004-017.NASL
descriptionUpdated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the first regular update. The Linux kernel handles the basic functions of the operating system. This is the first regular kernel update for Red Hat Enterprise Linux version 3. It contains a new critical security fix, many other bug fixes, several device driver updates, and numerous performance and scalability enhancements. On AMD64 systems, a fix was made to the eflags checking in 32-bit ptrace emulation that could have allowed local users to elevate their privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0001 to this issue. Other bug fixes were made in the following kernel areas: VM, NPTL, IPC, kernel timer, ext3, NFS, netdump, SCSI, ACPI, several device drivers, and machine-dependent support for the x86_64, ppc64, and s390 architectures. The VM subsystem was improved to better handle extreme loads and resource contention (such as might occur during heavy database application usage). This has resulted in a significantly reduced possibility of hangs, OOM kills, and low-mem exhaustion. Several NPTL fixes were made to resolve POSIX compliance issues concerning process IDs and thread IDs. A section in the Release Notes elaborates on a related issue with file record locking in multi-threaded applications. AMD64 kernels are now configured with NUMA support, S390 kernels now have CONFIG_BLK_STATS enabled, and DMA capability was restored in the IA64 agpgart driver. The following drivers have been upgraded to new versions : cmpci ------ 6.36 e100 ------- 2.3.30-k1 e1000 ------ 5.2.20-k1 ips -------- 6.10.52 megaraid --- v1.18k megaraid2 -- v2.00.9 All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
last seen2020-06-01
modified2020-06-02
plugin id12451
published2004-07-06
reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/12451
titleRHEL 3 : kernel (RHSA-2004:017)

Oval

accepted2013-04-29T04:21:29.602-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
descriptionVarious routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
familyunix
idoval:org.mitre.oval:def:9707
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleVarious routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
version26

Redhat

advisories
rhsa
idRHSA-2004:017
rpms
  • kernel-0:2.4.21-9.EL
  • kernel-BOOT-0:2.4.21-9.EL
  • kernel-debuginfo-0:2.4.21-9.EL
  • kernel-doc-0:2.4.21-9.EL
  • kernel-hugemem-0:2.4.21-9.EL
  • kernel-hugemem-unsupported-0:2.4.21-9.EL
  • kernel-smp-0:2.4.21-9.EL
  • kernel-smp-unsupported-0:2.4.21-9.EL
  • kernel-source-0:2.4.21-9.EL
  • kernel-unsupported-0:2.4.21-9.EL

References