RHEL 2.1 : kernel (RHSA-2003:389)

high Nessus Plugin ID 12438

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated kernel packages are now available that fix a security vulnerability allowing local users to gain root privileges.

The Linux kernel handles the basic functions of the operating system.

A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and previous can allow a local attacker to gain root privileges. This issue is known to be exploitable; an exploit has been seen in the wild that takes advantage of this vulnerability. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0961 to this issue.

All users of Red Hat Enterprise Linux 2.1 are advised to upgrade to these errata packages, which contain a backported security patch that corrects this vulnerability.

Users of Red Hat Enterprise Linux 3 should upgrade to the kernel packages provided by RHBA-2003:308 (released on 30 October 2003), which already contained a patch correcting this issue.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2003-0961

https://access.redhat.com/errata/RHBA-2003:308

https://access.redhat.com/errata/RHSA-2003:389

Plugin Details

Severity: High

ID: 12438

File Name: redhat-RHSA-2003-389.nasl

Version: 1.32

Type: local

Agent: unix

Published: 7/6/2004

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:kernel-enterprise, p-cpe:/a:redhat:enterprise_linux:kernel-doc, p-cpe:/a:redhat:enterprise_linux:kernel-summit, p-cpe:/a:redhat:enterprise_linux:kernel-source, p-cpe:/a:redhat:enterprise_linux:kernel-smp, p-cpe:/a:redhat:enterprise_linux:kernel, cpe:/o:redhat:enterprise_linux:2.1, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-boot

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/1/2003

Vulnerability Publication Date: 12/15/2003

Reference Information

CVE: CVE-2003-0961

RHSA: 2003:389