/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux | Redhat | 7.1 (including) | 7.1 (including) |
| Linux | Redhat | 7.2 (including) | 7.2 (including) |
| Linux | Redhat | 7.3 (including) | 7.3 (including) |
| Linux | Redhat | 8.0 (including) | 8.0 (including) |
| Linux | Redhat | 9.0 (including) | 9.0 (including) |
| Red Hat Enterprise Linux 3 | RedHat | kernel-0:2.4.21-15.EL | * |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Kernel-source-2.4.27 | Ubuntu | dapper | * |
| Kernel-source-2.4.27 | Ubuntu | edgy | * |
References
- http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
- http://www.debian.org/security/2004/dsa-358
- http://www.debian.org/security/2004/dsa-423
- http://www.redhat.com/support/errata/RHSA-2003-238.html
- http://www.redhat.com/support/errata/RHSA-2004-188.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997
- http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
- http://www.debian.org/security/2004/dsa-358
- http://www.debian.org/security/2004/dsa-423
- http://www.redhat.com/support/errata/RHSA-2003-238.html
- http://www.redhat.com/support/errata/RHSA-2004-188.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997