Slackware 8.1 : Slackware 8.1 kernel security update (SSA:2004-008-01)

high Nessus Plugin ID 18786

Synopsis

The remote Slackware host is missing a security update.

Description

New kernels are available for Slackware 8.1 containing a backported fix from a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. This fix was previously issued for Slackware 9.0, 9.1, and -current (SSA:2004-006-01). Sites running Slackware 8.1 should upgrade to the new kernel. After installing the new kernel, be sure to run 'lilo'.

Solution

Update the affected kernel-ide and / or kernel-source packages.

See Also

http://www.nessus.org/u?b72c60b9

Plugin Details

Severity: High

ID: 18786

File Name: Slackware_SSA_2004-008-01.nasl

Version: 1.16

Type: local

Published: 7/13/2005

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:kernel-ide, p-cpe:/a:slackware:slackware_linux:kernel-source, cpe:/o:slackware:slackware_linux:8.1

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Patch Publication Date: 1/9/2004

Reference Information

CVE: CVE-2003-0985

SSA: 2004-008-01