|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2004:037: kernel Vulnerability Assessment Details
|
MDKSA-2004:037: kernel |
||
|
Check for the version of the kernel package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2004:037 (kernel). A vulnerability was found in the framebuffer driver of the 2.6 kernel. This is due to incorrect use of the fb_copy_cmap function. (CVE-2004-0229) A vulnerability has been found in the Linux kernel in the ip_setsockopt() function code. There is an exploitable integer overflow inside the code handling the MCAST_MSFILTER socket option in the IP_MSFILTER_SIZE macro calculation. This issue is present in both 2.4 (2.4.25) and 2.6 kernels. (CVE-2004-0424) There is a minor issue with the static buffer in 2.4 kernel's panic() function. Although it's a possibly buffer overflow, it most like not exploitable due to the nature of panic(). (CVE-2004-0394) In do_fork(), if an error occurs after the mm_struct for the child has been allocated, it is never freed. The exit_mm() meant to free it increments the mm_count and this count is never decremented. (For a running process that is exitting, schedule() takes care this however, the child process being cleaned up is not running.) In the CLONE_VM case, the parent's mm_struct will get an extra mm_count and so it will never be freed. This issue is present in both 2.4 and 2.6 kernels. (CVE-2004-0427) The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at: http://www.mandrakesecure.net/en/kernelupdate.php Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:037 Network Security Threat Level: High Networks Security ID: 10211, 10221, 10233 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
|
Cables, Connectors |
ASUS H110M-R Motherboard Intel 6th/7th Gen LGA1151 DDR4 Micro-ATX i/o shield
$42.00
***NEW*** BCM RX67Q Gaming Motherboard | Intel Q67 2nd/3rd Gen. | LGA1155 | DDR3
$29.77
Asus Prime H270M-Plus LGA 1151 Micro-ATX DDR4 Desktop Motherboard No I/O Shield
$49.99
MSI B450M-A PRO MAX II AM4 AMD B450 SATA 6Gb/s Micro ATX Motherboard
$68.99
MSI H81I LGA1150 MINI-ITX DDR3 Desktop Motherboard With I/O Shield
$34.99
GIGABYTE B560M DS3H AC LGA1200 Intel B560 SATA 6Gb/s Micro ATX Intel Motherboard
$64.99
Gigabyte AMD B550 UD AC Gaming Motherboard - AMD B550 Chipset - AM4 Socket - AMD
$89.99
Micro ATX Desktop Motherboard ASUS H110M-C LGA 1151
$31.95
GIGABYTE MB10-Datto Motherboard Xeon D-1521- SR2DF 2.40 GHz- Open Box
$115.00
BTC-S37 Mining Motherboard Kit /w SSD & Ram Preinstalled
$59.99
|
||
|
No Discussions have been posted on this vulnerability. |