Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0457

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2006-0457
Last Modified 21 Aug 2010 12:39:29
Published 13 Mar 2006 09:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0457

Summary

Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11 Rc1 Bk6

  • Linux Kernel 2.6.11.1

  • Linux Kernel 2.6.11.10

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.2

  • Linux Kernel 2.6.11.3

  • Linux Kernel 2.6.11.4

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.11.9

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.12.1

  • Linux Kernel 2.6.12.2

  • Linux Kernel 2.6.12.3

  • Linux Kernel 2.6.12.4

  • Linux Kernel 2.6.12.5

  • Linux Kernel 2.6.12.6

  • Linux Kernel 2.6.13

  • Linux Kernel 2.6.13.1

  • Linux Kernel 2.6.13.2

  • Linux Kernel 2.6.13.3

  • Linux Kernel 2.6.13.4

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.1

  • Linux Kernel 2.6.14.2

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.14.4

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.15.1

  • Linux Kernel 2.6.15.2

  • Linux Kernel 2.6.15.3

  • Linux Kernel 2.6.15.4

  • Linux Kernel 2.6.15.5

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.8.1

  • Linux Kernel 2.6.8.1.5

  • Linux Kernel 2.6.9


References

UBUNTU - USN-263-1

XF - kernel-addkey-dos(25354)

BID - 17084

REDHAT - RHSA-2006:0575

OSVDB - 23894

SUSE - SUSE-SA:2006:028

MANDRIVA - MDKSA-2006:059

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm

SECUNIA - 22417

SECUNIA - 21465

SECUNIA - 20398

SECUNIA - 19220


Last Updated: 27 May 2016 10:41:39