Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 276-1 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390)

Information

Severity

Severity

High

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

7.2

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390 announced via advisory DSA 276-1.

Insight

Insight

The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible. This advisory only covers kernel packages for the S/390 architecture. Other architectures will be covered by separate advisories. For the stable distribution (woody) this problem has been fixed in the following versions: kernel-patch-2.4.17-s390: version 0.0.20020816-0.woody.1.1 kernel-image-2.4.17-s390: version 2.4.17-2.woody.2.2 The old stable distribution (potato) is not affected by this problem for this architecture since s390 was first released with Debian GNU/Linux 3.0 (woody). For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your kernel-images packages immediately.

Solution

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20276-1

Common Vulnerabilities and Exposures (CVE)