• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel 2.2 mmap() Local Denial of Service Vulnerability

Solution:
EnGarde Secure Linux has released a security advisory (ESA-20030318-009) and fixes which address this issue. Users are advised to upgrade as soon as possible.

Mandrake has released a security advisory (MDKSA-2003:039) containing fixes which address this and other vulnerabilities. Users are advised to upgrade as soon as possible.

A revised Debian advisory (DSA 336-2) has been released. New kernel 2.2.20 fixes are available. Further information is available in the referenced advisory. Users of the apt-get system are advised to issue the following commands to update affected systems:

apt-get update
apt-get upgrade

The following fixes are available:


Linux kernel 2.2.14

• Red Hat kernel-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-2.2.24-6.2.3.i386.rpm


• Red Hat kernel-2.2.24-6.2.3.i586.rpm
  ftp://updates.redhat.com/6.2/en/os/i586/kernel-2.2.24-6.2.3.i586.rpm


• Red Hat kernel-2.2.24-6.2.3.i686.rpm
  ftp://updates.redhat.com/6.2/en/os/i686/kernel-2.2.24-6.2.3.i686.rpm


• Red Hat kernel-BOOT-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-BOOT-2.2.24-6.2.3.i386. rpm


• Red Hat kernel-doc-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-doc-2.2.24-6.2.3.i386.r pm


• Red Hat kernel-enterprise-2.2.24-6.2.3.i686.rpm
  ftp://updates.redhat.com/6.2/en/os/i686/kernel-enterprise-2.2.24-6.2.3 .i686.rpm


• Red Hat kernel-headers-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-headers-2.2.24-6.2.3.i3 86.rpm


• Red Hat kernel-ibcs-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-ibcs-2.2.24-6.2.3.i386. rpm


• Red Hat kernel-pcmcia-cs-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-pcmcia-cs-2.2.24-6.2.3. i386.rpm


• Red Hat kernel-smp-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-smp-2.2.24-6.2.3.i386.r pm


• Red Hat kernel-smp-2.2.24-6.2.3.i586.rpm
  ftp://updates.redhat.com/6.2/en/os/i586/kernel-smp-2.2.24-6.2.3.i586.r pm


• Red Hat kernel-smp-2.2.24-6.2.3.i686.rpm
  ftp://updates.redhat.com/6.2/en/os/i686/kernel-smp-2.2.24-6.2.3.i686.r pm


• Red Hat kernel-source-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-source-2.2.24-6.2.3.i38 6.rpm


• Red Hat kernel-utils-2.2.24-6.2.3.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/kernel-utils-2.2.24-6.2.3.i386 .rpm

Linux kernel 2.2.16

• Red Hat kernel-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-2.2.24-7.0.3.i386.rpm


• Red Hat kernel-2.2.24-7.0.3.i586.rpm
  ftp://updates.redhat.com/7.0/en/os/i586/kernel-2.2.24-7.0.3.i586.rpm


• Red Hat kernel-2.2.24-7.0.3.i686.rpm
  ftp://updates.redhat.com/7.0/en/os/i686/kernel-2.2.24-7.0.3.i686.rpm


• Red Hat kernel-BOOT-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-BOOT-2.2.24-7.0.3.i386. rpm


• Red Hat kernel-doc-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-doc-2.2.24-7.0.3.i386.r pm


• Red Hat kernel-enterprise-2.2.24-7.0.3.i686.rpm
  ftp://updates.redhat.com/7.0/en/os/i686/kernel-enterprise-2.2.24-7.0.3 .i686.rpm


• Red Hat kernel-ibcs-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-ibcs-2.2.24-7.0.3.i386. rpm


• Red Hat kernel-pcmcia-cs-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-pcmcia-cs-2.2.24-7.0.3. i386.rpm


• Red Hat kernel-smp-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-smp-2.2.24-7.0.3.i386.r pm


• Red Hat kernel-smp-2.2.24-7.0.3.i586.rpm
  ftp://updates.redhat.com/7.0/en/os/i586/kernel-smp-2.2.24-7.0.3.i586.r pm


• Red Hat kernel-smp-2.2.24-7.0.3.i686.rpm
  ftp://updates.redhat.com/7.0/en/os/i686/kernel-smp-2.2.24-7.0.3.i686.r pm


• Red Hat kernel-source-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-source-2.2.24-7.0.3.i38 6.rpm


• Red Hat kernel-utils-2.2.24-7.0.3.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/kernel-utils-2.2.24-7.0.3.i386 .rpm

Linux kernel 2.2.17

• Mandrake kernel-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-doc-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-headers-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-pcmcia-cs-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-secure-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-smp-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-source-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-utils-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php

Linux kernel 2.2.19

• EnGarde Secure Linux kernel-2.2.19-1.0.30.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/kernel-2.2. 19-1.0.30.i386.rpm


• EnGarde Secure Linux kernel-2.2.19-1.0.30.i686.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/kernel-2.2. 19-1.0.30.i686.rpm


• EnGarde Secure Linux kernel-lids-mods-2.2.19-1.0.30.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/kernel-lids -mods-2.2.19-1.0.30.i386.rpm


• EnGarde Secure Linux kernel-lids-mods-2.2.19-1.0.30.i686.rpm
  http://ftp.engardelinux.org/pub/engarde/stable/i686/kernel-lids-mods-2 .2.19-1.0.30.i686.rpm


• EnGarde Secure Linux kernel-smp-lids-mods-2.2.19-1.0.30.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/kernel-smp- lids-mods-2.2.19-1.0.30.i386.rpm


• EnGarde Secure Linux kernel-smp-lids-mods-2.2.19-1.0.30.i686.rpm
  http://ftp.engardelinux.org/pub/engarde/stable/i686/kernel-smp-lids-mo ds-2.2.19-1.0.30.i686.rpm


• EnGarde Secure Linux kernel-smp-mods-2.2.19-1.0.30.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/kernel-smp- mods-2.2.19-1.0.30.i386.rpm


• EnGarde Secure Linux kernel-smp-mods-2.2.19-1.0.30.i686.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/kernel-smp- mods-2.2.19-1.0.30.i686.rpm


• Mandrake kernel-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-doc-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-headers-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-pcmcia-cs-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-secure-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-smp-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-source-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-utils-2.2.25-1.1mdk.i586.rpm
  Single Network Firewall 7.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-smp-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-source-2.2.25-1.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php

Linux kernel 2.2.20

• Mandrake kernel22-2.2.25-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-2.2.25-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-smp-2.2.25-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-source-2.2.25-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel22-source-2.2.25-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php

Linux kernel 2.2.22

• Trustix kernel-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-2.2.22-8tr.i 586.rpm


• Trustix kernel-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-2.2.22-8tr.i 586.rpm


• Trustix kernel-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-2.2.22-8tr.i 586.rpm


• Trustix kernel-BOOT-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-BOOT-2.2.22- 8tr.i586.rpm


• Trustix kernel-BOOT-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-BOOT-2.2.22- 8tr.i586.rpm


• Trustix kernel-BOOT-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-BOOT-2.2.22- 8tr.i586.rpm


• Trustix kernel-doc-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-doc-2.2.22-8 tr.i586.rpm


• Trustix kernel-doc-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-doc-2.2.22-8 tr.i586.rpm


• Trustix kernel-doc-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-doc-2.2.22-8 tr.i586.rpm


• Trustix kernel-headers-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-headers-2.2. 22-8tr.i586.rpm


• Trustix kernel-headers-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-headers-2.2. 22-8tr.i586.rpm


• Trustix kernel-headers-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-headers-2.2. 22-8tr.i586.rpm


• Trustix kernel-smp-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-smp-2.2.22-8 tr.i586.rpm


• Trustix kernel-smp-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-smp-2.2.22-8 tr.i586.rpm


• Trustix kernel-smp-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-smp-2.2.22-8 tr.i586.rpm


• Trustix kernel-source-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-source-2.2.2 2-8tr.i586.rpm


• Trustix kernel-source-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-source-2.2.2 2-8tr.i586.rpm


• Trustix kernel-source-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-source-2.2.2 2-8tr.i586.rpm


• Trustix kernel-utils-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/kernel-utils-2.2.22 -8tr.i586.rpm


• Trustix kernel-utils-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/kernel-utils-2.2.22 -8tr.i586.rpm


• Trustix kernel-utils-2.2.22-8tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/kernel-utils-2.2.22 -8tr.i586.rpm