SB2001041702 - Out-of-bounds write in Linux kernel
Published: April 17, 2001
Security Bulletin ID
SB2001041702
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds write (CVE-ID: CVE-2001-1399)
The vulnerability allows a local user to corrupt data.
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka 'User access asm bug on x86.'
Remediation
Install update from vendor's website.
References
- http://marc.info/?l=bugtraq&m=98575345009963&w=2
- http://marc.info/?l=bugtraq&m=98637996127004&w=2
- http://marc.info/?l=bugtraq&m=98653252326445&w=2
- http://marc.info/?l=bugtraq&m=98684172109474&w=2
- http://marc.info/?l=bugtraq&m=98759029811377&w=2
- http://marc.info/?l=bugtraq&m=98775114228203&w=2
- http://marc.info/?l=bugtraq&m=99013830726309&w=2
- http://www.linux.org.uk/VERSION/relnotes.2219.html
- http://www.redhat.com/support/errata/RHSA-2001-047.html
- https://www.debian.org/security/2001/dsa-047