Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Mandrake Linux Security Update Advisory

Dec 1, 2003 6:48AM PST

Package name: kernel
Advisory ID: MDKSA-2003:110
Date: December 1st, 2003

Affected versions: 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2

Problem Description:

A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable; an exploit is in the wild at this time.

The Mandrake Linux 9.2 kernels are not vulnerable to this problem as the fix for it is already present in those kernels.

MandrakeSoft encourages all users to upgrade their systems immediately.

More info at http://www.securityfocus.com/advisories/6116

Discussion is locked