|
|
Linux Kernel do_brk Function Boundary Condition Vulnerability
|
Bugtraq ID:
|
9138
|
|
Class:
|
Boundary Condition Error
|
|
CVE:
|
CAN-2003-0961
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
Dec 01 2003 12:00AM
|
|
Updated:
|
Dec 01 2003 12:00AM
|
|
Credit:
|
Discovery of this vulnerability has been credited to Andrew Morton. This issue was also independently discovered by Paul Starzetz <ihaquer@isec.pl>.
|
|
Vulnerable:
|
VMWare ESX Server 2.0.1 build 6403
VMWare ESX Server 2.0.1
VMWare ESX Server 2.0
VMWare ESX Server 1.5.2
Trustix Secure Linux 2.0
Sun Cobalt RaQ 550
SmoothWall Express 2.0
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test1
Linux kernel 2.5.69
Linux kernel 2.5.68
Linux kernel 2.5.67
Linux kernel 2.5.66
Linux kernel 2.5.65
Linux kernel 2.5.64
Linux kernel 2.5.63
Linux kernel 2.5.62
Linux kernel 2.5.61
Linux kernel 2.5.60
Linux kernel 2.5.59
Linux kernel 2.5.58
Linux kernel 2.5.57
Linux kernel 2.5.56
Linux kernel 2.5.55
Linux kernel 2.5.54
Linux kernel 2.5.53
Linux kernel 2.5.52
Linux kernel 2.5.51
Linux kernel 2.5.50
Linux kernel 2.5.49
Linux kernel 2.5.48
Linux kernel 2.5.47
Linux kernel 2.5.46
Linux kernel 2.5.45
Linux kernel 2.5.44
Linux kernel 2.5.43
Linux kernel 2.5.42
Linux kernel 2.5.41
Linux kernel 2.5.40
Linux kernel 2.5.39
Linux kernel 2.5.38
Linux kernel 2.5.37
Linux kernel 2.5.36
Linux kernel 2.5.35
Linux kernel 2.5.34
Linux kernel 2.5.33
Linux kernel 2.5.32
Linux kernel 2.5.31
Linux kernel 2.5.30
Linux kernel 2.5.29
Linux kernel 2.5.28
Linux kernel 2.5.27
Linux kernel 2.5.26
Linux kernel 2.5.25
Linux kernel 2.5.24
Linux kernel 2.5.23
Linux kernel 2.5.22
Linux kernel 2.5.21
Linux kernel 2.5.20
Linux kernel 2.5.19
Linux kernel 2.5.18
Linux kernel 2.5.17
Linux kernel 2.5.16
Linux kernel 2.5.15
Linux kernel 2.5.14
Linux kernel 2.5.13
Linux kernel 2.5.12
Linux kernel 2.5.11
Linux kernel 2.5.10
Linux kernel 2.5.9
Linux kernel 2.5.8
Linux kernel 2.5.7
Linux kernel 2.5.6
Linux kernel 2.5.5
Linux kernel 2.5.4
Linux kernel 2.5.3
Linux kernel 2.5.2
Linux kernel 2.5.1
Linux kernel 2.5 .0
Linux kernel 2.4.22
+
Devil-Linux Devil-Linux 1.0.5
+
Devil-Linux Devil-Linux 1.0.4
+
MandrakeSoft Linux Mandrake 9.2 amd64
+
MandrakeSoft Linux Mandrake 9.2
+
RedHat Fedora Core1
+
Slackware Linux 9.1
Linux kernel 2.4.21
+
Conectiva Linux 9.0
+
MandrakeSoft Linux Mandrake 9.1 ppc
+
MandrakeSoft Linux Mandrake 9.1
+
RedHat Desktop 3.0
+
RedHat Enterprise Linux AS 3
+
RedHat Enterprise Linux ES 3
+
RedHat Enterprise Linux WS 3
+
S.u.S.E. Linux Enterprise Server 8
+
S.u.S.E. Linux Personal 9.0 x86_64
+
S.u.S.E. Linux Personal 9.0
Linux kernel 2.4.20
Linux kernel 2.4.19
+
Conectiva Linux 8.0
+
Conectiva Linux Enterprise Edition 1.0
+
MandrakeSoft Corporate Server 2.1 x86_64
+
MandrakeSoft Corporate Server 2.1
+
MandrakeSoft Linux Mandrake 9.0
+
MandrakeSoft Multi Network Firewall 2.0
+
S.u.S.E. Linux 8.1
+
S.u.S.E. Linux Enterprise Server 8
+
S.u.S.E. Linux Enterprise Server 7
+
Slackware Linux -current
Linux kernel 2.4.18
+
Astaro Security Linux 2.0 23
+
Astaro Security Linux 2.0 16
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.0
+
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
+
RedHat Advanced Workstation for the Itanium Processor 2.1
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Linux 8.0
+
RedHat Linux 7.3
+
S.u.S.E. Linux 8.1
+
S.u.S.E. Linux 8.0
+
S.u.S.E. Linux 7.3
+
S.u.S.E. Linux 7.2
+
S.u.S.E. Linux 7.1
+
S.u.S.E. Linux Connectivity Server
+
S.u.S.E. Linux Database Server 0
+
S.u.S.E. Linux Enterprise Server 8
+
S.u.S.E. Linux Enterprise Server 7
+
S.u.S.E. Linux Firewall on CD
+
S.u.S.E. Linux Office Server
+
S.u.S.E. Linux Openexchange Server
+
S.u.S.E. Linux Personal 8.2
+
S.u.S.E. SuSE eMail Server 3.1
+
S.u.S.E. SuSE eMail Server III
+
Turbolinux Turbolinux Server 8.0
+
Turbolinux Turbolinux Server 7.0
+
Turbolinux Turbolinux Workstation 8.0
+
Turbolinux Turbolinux Workstation 7.0
Linux kernel 2.4.17
Linux kernel 2.4.16
+
Sun Cobalt RaQ 550
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
+
Caldera OpenLinux Server 3.1.1
+
Caldera OpenLinux Workstation 3.1.1
Linux kernel 2.4.12
+
Conectiva Linux 7.0
Linux kernel 2.4.11
Linux kernel 2.4.10
Linux kernel 2.4.9
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1
+
RedHat Linux 7.2 ia64
+
RedHat Linux 7.2 i386
+
RedHat Linux 7.2 alpha
+
RedHat Linux 7.1 ia64
+
RedHat Linux 7.1 i386
+
RedHat Linux 7.1 alpha
+
Sun Linux 5.0.5
+
Sun Linux 5.0.3
+
Sun Linux 5.0
Linux kernel 2.4.8
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.0
Linux kernel 2.4.7
+
RedHat Linux 7.2
+
S.u.S.E. Linux 7.2
+
S.u.S.E. Linux 7.1
Linux kernel 2.4.6
Linux kernel 2.4.5
+
Slackware Linux 8.0
Linux kernel 2.4.4
+
S.u.S.E. Linux 7.2
Linux kernel 2.4.3
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0
Linux kernel 2.4.2
Linux kernel 2.4.1
Linux kernel 2.4
Astaro Security Linux 4.0 16
Astaro Security Linux 4.0 08
|
|
|
|
Not Vulnerable:
|
SGI ProPack 2.3
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.4.23
+
Trustix Secure Linux 2.0
Astaro Security Linux 4.0 17
|
|
|
