Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0095

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-0095
Last Modified 07 Mar 2011 09:29:19
Published 06 Jan 2006 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0095

Summary

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.1

  • Linux Kernel 2.6.11.10

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.2

  • Linux Kernel 2.6.11.3

  • Linux Kernel 2.6.11.4

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.11.9

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.12.1

  • Linux Kernel 2.6.12.2

  • Linux Kernel 2.6.12.3

  • Linux Kernel 2.6.12.4

  • Linux Kernel 2.6.13

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.1

  • Linux Kernel 2.6.14.2

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.14.4

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.8.1

  • Linux Kernel 2.6.9


References

MLIST - [linux-kernel] 20060104 [Patch 2.6] dm-crypt: zero key before freeing it

VUPEN - ADV-2006-0235

MLIST - [linux-kernel] 20060104 [Patch 2.6] dm-crypt: Zero key material before free to avoid information leak

XF - kernel-dmcrypt-information-disclosure(24189)

UBUNTU - USN-244-1

TRUSTIX - 2006-0004

BID - 16301

FEDORA - FLSA:157459-4

REDHAT - RHSA-2006:0132

FEDORA - FEDORA-2006-102

OSVDB - 22418

SUSE - SUSE-SA:2006:028

MANDRIVA - MDKSA-2006:040

DEBIAN - DSA-1017

SECTRACK - 1015740

SREASON - 388

SECUNIA - 20398

SECUNIA - 19374

SECUNIA - 19160

SECUNIA - 18774

SECUNIA - 18527

SECUNIA - 18487


Last Updated: 27 May 2016 10:41:32