Name | CVE-2003-0001 |
Description | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more) |
References | DSA-311, DSA-312, DSA-332, DSA-336, DSA-423, DSA-442 |
NVD severity | medium (attack range: remote) |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
kernel-image-2.2.20-i386 | source | woody | 2.2.20-5woody3 | medium | DSA-336 | |
kernel-image-2.4.17-ia64 | source | woody | kernel-image-2.4.17-ia64 | medium | DSA-423 | |
kernel-image-2.4.17-s390 | source | woody | 2.4.17-2.woody.3 | medium | DSA-442 | |
kernel-image-2.4.18-1-i386 | source | woody | 2.4.18-8 | medium | DSA-311 | |
kernel-image-2.4.18-i386bf | source | woody | 2.4.18-5woody1. | medium | DSA-311 | |
kernel-patch-2.4.17-mips | source | woody | 2.4.17-0.020226.2.woody2 | medium | DSA-332 | |
kernel-patch-2.4.17-s390 | source | woody | 0.0.20020816-0.woody.2 | medium | DSA-442 | |
kernel-patch-2.4.18-powerpc | source | woody | 2.4.18-1woody1 | medium | DSA-312 | |
kernel-source-2.2.20 | source | woody | 2.2.20-5woody2 | medium | DSA-336 | |
kernel-source-2.4.17 | source | woody | 2.4.17-1woody1 | medium | DSA-332 | |
kernel-source-2.4.18 | source | woody | 2.4.18-9 | medium | DSA-311 | |
kernel-source-2.4.27 | source | (unstable) | (not affected) |
- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-pre5)