Published: 14/03/2006 Updated: 03/10/2018

CVSS v2 Base Score: 7.1 | Impact Score: 9.2 | Exploitability Score: 4.9

VMScore: 632

Vector: AV:N/AC:H/Au:N/C:C/I:N/A:C

Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.0
linux linux kernel 2.6.1
linux linux kernel 2.6.10
linux linux kernel 2.6.11.3
linux linux kernel 2.6.11.4
linux linux kernel 2.6.11
linux linux kernel 2.6.12.4
linux linux kernel 2.6.12.5
linux linux kernel 2.6.13.3
linux linux kernel 2.6.13.4
linux linux kernel 2.6.14.2
linux linux kernel 2.6.14.3
linux linux kernel 2.6.15.1
linux linux kernel 2.6.15.2
linux linux kernel 2.6.15.3
linux linux kernel 2.6.15
linux linux kernel 2.6.7
linux linux kernel 2.6.8
linux linux kernel 2.6.11.12
linux linux kernel 2.6.11.2
linux linux kernel 2.6.11.9
linux linux kernel 2.6.12.2
linux linux kernel 2.6.12.3
linux linux kernel 2.6.13.1
linux linux kernel 2.6.13.2
linux linux kernel 2.6.14
linux linux kernel 2.6.14.1
linux linux kernel 2.6.6
linux linux kernel 2.6.9
linux linux kernel 2.6.11.1
linux linux kernel 2.6.11.5
linux linux kernel 2.6.11.6
linux linux kernel 2.6.11_rc1_bk6
linux linux kernel 2.6.12.6
linux linux kernel 2.6.12
linux linux kernel 2.6.13
linux linux kernel 2.6.14.4
linux linux kernel 2.6.15.4
linux linux kernel 2.6.15.5
linux linux kernel 2.6.3
linux linux kernel 2.6.4
linux linux kernel 2.6.8.1
linux linux kernel 2.6.8.1.5
linux linux kernel 2.6.11.10
linux linux kernel 2.6.11.11
linux linux kernel 2.6.11.7
linux linux kernel 2.6.11.8
linux linux kernel 2.6.12.1
linux linux kernel 2.6.5

A flaw was found in the module reference counting for loadable protocol modules of netfilter By performing particular socket operations, a local attacker could exploit this to crash the kernel This flaw only affects Ubuntu 510 (CVE-2005-3359) ...

NVD-CWE-Other http://www.securityfocus.com/bid/17084 http://secunia.com/advisories/19220 http://www.osvdb.org/23894 http://www.novell.com/linux/security/advisories/2006-05-31.html http://www.redhat.com/support/errata/RHSA-2006-0575.html http://secunia.com/advisories/21465 http://secunia.com/advisories/20398 http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://secunia.com/advisories/22417 http://www.mandriva.com/security/advisories?name=MDKSA-2006:059 https://exchange.xforce.ibmcloud.com/vulnerabilities/25354 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9566 https://usn.ubuntu.com/263-1/https://usn.ubuntu.com/263-1/https://nvd.nist.gov

CVE-2006-0457

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect