Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7))

Published: 2008-03-11 20:16:32
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Recommendations:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201503-2

Technical Details:
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Linux Distribution Package versions referenced in the initial DSA-1503 advisory introduced a regression that can cause hangs on systems that make use of the ext2 filesystem. The regression has been resolved in the Linux Distribution Package versions referenced by this updated advisory. For details, please visit the referenced security advisories. The following matrix lists additional Linux Distribution Packages that were rebuilt for compatibility with or to take advantage of this update: Debian 3.1 (sarge) alsa-modules-i386 1.0.8+2sarge2 fai-kernels 1.9.1sarge9 kernel-image-2.4.27-arm 2.4.27-2sarge7 kernel-image-2.4.27-m68k 2.4.27-3sarge7 kernel-image-speakup-i386 2.4.27-1.1sarge6 kernel-image-2.4.27-alpha 2.4.27-10sarge7 kernel-image-2.4.27-s390 2.4.27-2sarge7 kernel-image-2.4.27-sparc 2.4.27-9sarge7 kernel-image-2.4.27-i386 2.4.27-10sarge7 kernel-image-2.4.27-ia64 2.4.27-10sarge7 kernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-4 kernel-patch-powerpc-2.4.27 2.4.27-10sarge7 kernel-latest-2.4-alpha 101sarge3 kernel-latest-2.4-i386 101sarge2 kernel-latest-2.4-s390 2.4.27-1sarge2 kernel-latest-2.4-sparc 42sarge3 i2c 1:2.9.1-1sarge2 lm-sensors 1:2.9.1-1sarge4 mindi-kernel 2.4.27-2sarge6 pcmcia-modules-2.4.27-i386 3.2.5+2sarge2 hostap-modules-i386 1:0.3.7-1sarge3 systemimager 3.2.3-6sarge6 We recommend that you upgrade your kernel Linux Distribution Package immediately and reboot

Summary:
The remote host is missing an update to kernel-source-2.4.27 (2.4.27-10sarge7) announced via advisory DSA 1503-2.

Detection Type:
Linux Distribution Package

Solution Type:
Vendor Patch

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2004-2731
https://nvd.nist.gov/vuln/detail/CVE-2006-4814
https://nvd.nist.gov/vuln/detail/CVE-2006-5753
https://nvd.nist.gov/vuln/detail/CVE-2006-5823
https://nvd.nist.gov/vuln/detail/CVE-2006-6053
https://nvd.nist.gov/vuln/detail/CVE-2006-6054
https://nvd.nist.gov/vuln/detail/CVE-2006-6106
https://nvd.nist.gov/vuln/detail/CVE-2007-1353
https://nvd.nist.gov/vuln/detail/CVE-2007-1592
https://nvd.nist.gov/vuln/detail/CVE-2007-2172
https://nvd.nist.gov/vuln/detail/CVE-2007-2525
https://nvd.nist.gov/vuln/detail/CVE-2007-3848
https://nvd.nist.gov/vuln/detail/CVE-2007-4308
https://nvd.nist.gov/vuln/detail/CVE-2007-4311
https://nvd.nist.gov/vuln/detail/CVE-2007-5093
https://nvd.nist.gov/vuln/detail/CVE-2007-6063
https://nvd.nist.gov/vuln/detail/CVE-2007-6151
https://nvd.nist.gov/vuln/detail/CVE-2007-6206
https://nvd.nist.gov/vuln/detail/CVE-2007-6694
https://nvd.nist.gov/vuln/detail/CVE-2008-0007

Search
Severity
High
CVSS Score
7.8

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.