Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0035

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2006-0035
Last Modified 19 Mar 2012 12:00:00
Published 11 Jan 2006 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0035

Summary

The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.15


References

TRUSTIX - 2006-0004

SECUNIA - 18482

XF - kernel-afnetlink-dos(24202)

VUPEN - ADV-2006-0220

BID - 16414

CONFIRM - http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad8e4b75c8a7bed475d72ce09bf5267188621961

SREASON - 388


Last Updated: 27 May 2016 10:42:30