Description
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
Affected products
- Linux / Linux kernel2.4.21 – 2.4.21
- Linux / Linux kernel2.4.0 – 2.4.0
- Linux / Linux kernel2.4.1 – 2.4.1
- Linux / Linux kernel2.4.2 – 2.4.2
- Linux / Linux kernel2.4.3 – 2.4.3
- Linux / Linux kernel2.4.4 – 2.4.4
- Linux / Linux kernel2.4.5 – 2.4.5
- Linux / Linux kernel2.4.6 – 2.4.6
- Linux / Linux kernel2.4.7 – 2.4.7
- Linux / Linux kernel2.4.8 – 2.4.8
- Linux / Linux kernel2.4.9 – 2.4.9
- Linux / Linux kernel2.4.10 – 2.4.10
- Linux / Linux kernel2.4.11 – 2.4.11
- Linux / Linux kernel2.4.12 – 2.4.12
- Linux / Linux kernel2.4.13 – 2.4.13
- Linux / Linux kernel2.4.14 – 2.4.14
- Linux / Linux kernel2.4.15 – 2.4.15
- Linux / Linux kernel2.4.16 – 2.4.16
- Linux / Linux kernel2.4.17 – 2.4.17
- Linux / Linux kernel2.4.18 – 2.4.18
- Linux / Linux kernel2.4.19 – 2.4.19
- Linux / Linux kernel2.4.20 – 2.4.20
- mandrakesoft / mandrake_linux8.2 – 8.2
- mandrakesoft / mandrake_linux8.2 – 8.2
- mandrakesoft / mandrake_linux9.0 – 9.0
- mandrakesoft / mandrake_linux_corporate_server2.1 – 2.1
- mandrakesoft / mandrake_multi_network_firewall8.2 – 8.2
References
- MISChttp://www.redhat.com/support/errata/RHSA-2003-238.html
- VENDOR_ADVISORYhttp://www.debian.org/security/2004/dsa-423
- MISChttp://www.redhat.com/support/errata/RHSA-2003-198.html
- MISChttp://www.redhat.com/support/errata/RHSA-2003-239.html
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309
- VENDOR_ADVISORYhttp://www.debian.org/security/2004/dsa-358