CVE: CAN-2003-0643
Updated: Tue, 06 Jul 2004 14:27:44 +0900
Summary: The Linux Socket Filter implementation contains a bug which
         can lead to a local dos. Due to a unsigned->signed conversion
         and insufficient bounds checking it is possible to crash the kernel
         by accessing unmapped memory. The bug was introduced
         during the attempt to fix other signedness issues in 2.4.3-pre3.
	 (text:Patrick McHardy, LKML)
Priority: Low
Status: Closed
Source:  DSA-358-4, LKML
Link:  http://www.uwsg.iu.edu/hypermail/linux/net/0307.3/0022.html
       http://www.ultramonkey.org/news_archive.shtml#2003120800
       http://www.ultramonkey.org/news_archive.shtml#2004062601
Resolved In:
  Kernel: 2.4.22-pre10 (Introduced in 2.4.3-pre3)
  Patch: http://linux.bkbits.net:8080/linux-2.4/cset@1.1019.3.3??nav=index.html
  Red Hat Linux 7.3:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.1
  Red Hat Linux 8.0:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.1
  Red Hat Linux 9:
         Vendor:      None (EOL)
         UltraMonkey: kernel-2.4.20-31.9.um.1
  Fedora Core 1:
         Vendor:      Not Vulnerable (>=2.4.22)
         UltraMonkey: Not Vulnerable (>=2.4.22)
  Red Hat Enterprise Linux 3:
         Vendor:      kernel-2.4.21-4.EL (initial release)
         UltraMonkey: kernel-2.4.21-9.EL.um.1 (initial release)
  Debian Woody:
         Vendor:      kernel-source-2.4.18_2.4.18-11
         UltraMonkey: kernel-source-2.4.22_2.4.22-7woody.um.2
  Debian Sid:
         Vendor:      kernel-2.4.21_2.4.21-4
         UltraMonkey: kernel-source-2.4.22_2.4.22-7.um.2