CVE-2003-0001

NameCVE-2003-0001
DescriptionMultiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-311, DSA-312, DSA-332, DSA-336, DSA-423, DSA-442

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kernel-image-2.2.20-i386sourcewoody2.2.20-5woody3DSA-336
kernel-image-2.4.17-ia64sourcewoodykernel-image-2.4.17-ia64DSA-423
kernel-image-2.4.17-s390sourcewoody2.4.17-2.woody.3DSA-442
kernel-image-2.4.18-1-i386sourcewoody2.4.18-8DSA-311
kernel-image-2.4.18-i386bfsourcewoody2.4.18-5woody1.DSA-311
kernel-patch-2.4.17-mipssourcewoody2.4.17-0.020226.2.woody2DSA-332
kernel-patch-2.4.17-s390sourcewoody0.0.20020816-0.woody.2DSA-442
kernel-patch-2.4.18-powerpcsourcewoody2.4.18-1woody1DSA-312
kernel-source-2.2.20sourcewoody2.2.20-5woody2DSA-336
kernel-source-2.4.17sourcewoody2.4.17-1woody1DSA-332
kernel-source-2.4.18sourcewoody2.4.18-9DSA-311
kernel-source-2.4.27source(unstable)(not affected)

Notes

- kernel-source-2.4.27 <not-affected> (Fixed before initial upload; 2.4.21-pre5)

Search for package or bug name: Reporting problems