Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2629

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-2629
Last Modified 07 Mar 2011 09:36:35
Published 27 May 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2006-2629

Summary

Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.15.1

  • Linux Kernel 2.6.15.2

  • Linux Kernel 2.6.15.3

  • Linux Kernel 2.6.15.4

  • Linux Kernel 2.6.15.5

  • Linux Kernel 2.6.15.6

  • Linux Kernel 2.6.16

  • Linux Kernel 2.6.16.1

  • Linux Kernel 2.6.16.10

  • Linux Kernel 2.6.16.11

  • Linux Kernel 2.6.16.12

  • Linux Kernel 2.6.16.13

  • Linux Kernel 2.6.16.14

  • Linux Kernel 2.6.16.15

  • Linux Kernel 2.6.16.16

  • Linux Kernel 2.6.16.17

  • Linux Kernel 2.6.16.18

  • Linux Kernel 2.6.16.2

  • Linux Kernel 2.6.16.3

  • Linux Kernel 2.6.16.4

  • Linux Kernel 2.6.16.5

  • Linux Kernel 2.6.16.6

  • Linux Kernel 2.6.16.7

  • Linux Kernel 2.6.16.8

  • Linux Kernel 2.6.16.9

  • Linux Kernel 2.6.17


References

VUPEN - ADV-2006-2070

MLIST - [linux-kernel] 20060526 PROBLEM: /proc (procfs) task exit race condition causes a kernelcrash

XF - linux-task-race-condition-dos(26746)

BID - 18183

OSVDB - 25847

SECUNIA - 20349


Last Updated: 27 May 2016 10:42:40