Published: 05/05/2006 Updated: 30/10/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.0
linux linux kernel 2.6.1
linux linux kernel 2.6.11
linux linux kernel 2.6.11.1
linux linux kernel 2.6.11.5
linux linux kernel 2.6.11.10
linux linux kernel 2.6.11.11
linux linux kernel 2.6.11.7
linux linux kernel 2.6.11.8
linux linux kernel 2.6.11_rc1_bk6
linux linux kernel 2.6.12
linux linux kernel 2.6.10
linux linux kernel 2.6.11.3
linux linux kernel 2.6.11.4
linux linux kernel 2.6.12.3
linux linux kernel 2.6.12.4
linux linux kernel 2.6.13
linux linux kernel 2.6.14.3
linux linux kernel 2.6.14.4
linux linux kernel 2.6.14
linux linux kernel 2.6.15.7
linux linux kernel 2.6.15
linux linux kernel 2.6.16
linux linux kernel 2.6.16.1
linux linux kernel 2.6.6
linux linux kernel 2.6.11.12
linux linux kernel 2.6.11.2
linux linux kernel 2.6.11.9
linux linux kernel 2.6.12.1
linux linux kernel 2.6.12.2
linux linux kernel 2.6.13.4
linux linux kernel 2.6.14.1
linux linux kernel 2.6.14.2
linux linux kernel 2.6.15.5
linux linux kernel 2.6.15.6
linux linux kernel 2.6.16.7
linux linux kernel 2.6.16.8
linux linux kernel 2.6.17
linux linux kernel 2.6.7
linux linux kernel 2.6.8.1.5
linux linux kernel 2.6.9
linux linux kernel 2.6.11.6
linux linux kernel 2.6.12.5
linux linux kernel 2.6.12.6
linux linux kernel 2.6.13.1
linux linux kernel 2.6.14.5
linux linux kernel 2.6.14.6
linux linux kernel 2.6.15.1
linux linux kernel 2.6.16.12
linux linux kernel 2.6.16.2
linux linux kernel 2.6.8
linux linux kernel 2.6_test9_cvs
linux linux kernel 2.6.13.2
linux linux kernel 2.6.13.3
linux linux kernel 2.6.14.7
linux linux kernel 2.6.15.2
linux linux kernel 2.6.15.3
linux linux kernel 2.6.15.4
linux linux kernel 2.6.16.3
linux linux kernel 2.6.16.4
linux linux kernel 2.6.16_rc7
linux linux kernel 2.6.8.1

The sys_mbind() function did not properly verify the validity of the ‘maxnod’ argument A local user could exploit this to trigger a buffer overflow, which caused a kernel crash (CVE-2006-0557) ...

This advisory covers the S/390 components of the recent security update for the Linux 268 kernel that were missing due to technical problems For reference, please see the text of the original advisory Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitr ...

NVD-CWE-Other http://selinuxnews.org/wp/index.php/2006/03/13/security-ptrace-bug-cve-2006-1052/http://www.securityfocus.com/bid/17830 http://secunia.com/advisories/19955 http://www.osvdb.org/25232 http://secunia.com/advisories/20157 http://www.redhat.com/support/errata/RHSA-2006-0575.html http://secunia.com/advisories/21465 http://www.debian.org/security/2006/dsa-1184 http://secunia.com/advisories/22093 http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://secunia.com/advisories/22417 http://www.mandriva.com/security/advisories?name=MDKSA-2006:086 http://marc.info/?l=selinux&m=114226465106131&w=2 http://marc.info/?l=git-commits-head&m=114210002712363&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10102 https://usn.ubuntu.com/281-1/https://usn.ubuntu.com/281-1/https://nvd.nist.gov

CVE-2006-1052

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect