Rapid7 Vulnerability & Exploit Database

RHSA-2003:098: Updated 2.4 kernel fixes vulnerability

Back to Search

RHSA-2003:098: Updated 2.4 kernel fixes vulnerability

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
03/31/2003
Created
07/25/2018
Added
10/28/2005
Modified
06/21/2018

Description

Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 are now available. These packages fix a ptrace-related vulnerability that can lead to elevated (root) privileges. [Updated 30 March 2003] Updated kernel packages for Red Hat Linux 7.2 ia64 have been added. [Updated 28 May 2003] Replacement kernel packages for Red Hat Linux 7.2 ia64 have been added; the previous packages did not contain the fix for the ptrace vulnerability.

The Linux kernel handles the basic functions of the operating system. A vulnerability has been found in version 2.4.18 of the kernel. This vulnerability makes it possible for local users to gain elevated (root) privileges without authorization. This advisory includes updates for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. All users of Red Hat Linux 7.1, 7.2, 7.3, and 8.0 should upgrade to these errata packages, which contain patches to fix the vulnerability.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-bigmem
  • redhat-upgrade-kernel-boot
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;