cve-2006-3626
Vulnerability from cvelistv5
Published
2006-07-15 01:06
Modified
2024-08-07 18:39
Severity ?
EPSS score ?
Summary
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:39:53.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-proc-race-condition(27790)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27790" }, { "name": "ADV-2006-2816", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2816" }, { "name": "SUSE-SR:2006:017", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html" }, { "name": "SUSE-SA:2006:042", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html" }, { "name": "21123", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21123" }, { "name": "RHSA-2006:0617", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html" }, { "name": "21057", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21057" }, { "name": "oval:org.mitre.oval:def:10060", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060" }, { "name": "21605", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21605" }, { "name": "SUSE-SA:2006:047", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html" }, { "name": "21073", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21073" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c" }, { "name": "22174", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22174" }, { "name": "27120", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/27120" }, { "name": "MDKSA-2006:124", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:124" }, { "name": "20060714 Linux kernel 0day - dynamite inside, don\u0027t burn your fingers", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html" }, { "name": "USN-319-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/319-1/" }, { "name": "DSA-1111", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1111" }, { "name": "21498", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21498" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm" }, { "name": "21041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21041" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973" }, { "name": "18992", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18992" }, { "name": "USN-319-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-319-2" }, { "name": "21119", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21119" }, { "name": "SUSE-SA:2006:049", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_49_kernel.html" }, { "name": "20060717 rPSA-2006-0130-1 kernel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/440300/100/0/threaded" }, { "name": "21179", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21179" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-proc-race-condition(27790)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27790" }, { "name": "ADV-2006-2816", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2816" }, { "name": "SUSE-SR:2006:017", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html" }, { "name": "SUSE-SA:2006:042", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html" }, { "name": "21123", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21123" }, { "name": "RHSA-2006:0617", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html" }, { "name": "21057", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21057" }, { "name": "oval:org.mitre.oval:def:10060", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060" }, { "name": "21605", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21605" }, { "name": "SUSE-SA:2006:047", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html" }, { "name": "21073", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21073" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c" }, { "name": "22174", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22174" }, { "name": "27120", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/27120" }, { "name": "MDKSA-2006:124", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:124" }, { "name": "20060714 Linux kernel 0day - dynamite inside, don\u0027t burn your fingers", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html" }, { "name": "USN-319-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/319-1/" }, { "name": "DSA-1111", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1111" }, { "name": "21498", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21498" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm" }, { "name": "21041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21041" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973" }, { "name": "18992", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18992" }, { "name": "USN-319-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-319-2" }, { "name": "21119", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21119" }, { "name": "SUSE-SA:2006:049", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_49_kernel.html" }, { "name": "20060717 rPSA-2006-0130-1 kernel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/440300/100/0/threaded" }, { "name": "21179", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21179" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3626", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-proc-race-condition(27790)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27790" }, { "name": "ADV-2006-2816", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2816" }, { "name": "SUSE-SR:2006:017", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html" }, { "name": "SUSE-SA:2006:042", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html" }, { "name": "21123", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21123" }, { "name": "RHSA-2006:0617", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html" }, { "name": "21057", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21057" }, { "name": "oval:org.mitre.oval:def:10060", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060" }, { "name": "21605", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21605" }, { "name": "SUSE-SA:2006:047", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_47_kernel.html" }, { "name": "21073", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21073" }, { "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5", "refsource": "CONFIRM", "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5" }, { "name": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=0cb8f20d000c25118947fcafa81606300ced35f8;hp=243a94af0427b2630fb85f489a5419410dac3bfc;hb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3;f=fs/proc/base.c", "refsource": "CONFIRM", "url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=0cb8f20d000c25118947fcafa81606300ced35f8;hp=243a94af0427b2630fb85f489a5419410dac3bfc;hb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3;f=fs/proc/base.c" }, { "name": "22174", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22174" }, { "name": "27120", "refsource": "OSVDB", "url": "http://www.osvdb.org/27120" }, { "name": "MDKSA-2006:124", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:124" }, { "name": "20060714 Linux kernel 0day - dynamite inside, don\u0027t burn your fingers", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html" }, { "name": "USN-319-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/319-1/" }, { "name": "DSA-1111", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1111" }, { "name": "21498", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21498" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm" }, { "name": "21041", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21041" }, { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973" }, { "name": "18992", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18992" }, { "name": "USN-319-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-319-2" }, { "name": "21119", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21119" }, { "name": "SUSE-SA:2006:049", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_49_kernel.html" }, { "name": "20060717 rPSA-2006-0130-1 kernel", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/440300/100/0/threaded" }, { "name": "21179", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21179" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3626", "datePublished": "2006-07-15T01:06:00", "dateReserved": "2006-07-14T00:00:00", "dateUpdated": "2024-08-07T18:39:53.486Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2006-3626\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-18T15:46:00.000\",\"lastModified\":\"2024-11-21T00:14:03.667\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.\"},{\"lang\":\"es\",\"value\":\"Condici\u00f3n de carrera en Linux kernel 2.6.17.4 y anteriores permite a usuarios locales ganar privilegios de root a trav\u00e9s del uso de prctl con PR_SET_DUMPABLE en un camino que hace que /proc/self/environ llegue a tener el setuid de root.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E60197-56C3-485C-9609-B1C4A0E0FCB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1369C4A-EF3B-4805-9046-ADA38ED940C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC3639E1-B5E4-4DD6-80D4-BA07D192C42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"54393D69-B368-4296-9798-D81570495C6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6791A801-9E06-47DD-912F-D8594E2F6B3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE90CCED-3A5B-46E3-A6B0-4865AB786289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFF6DE7-6D7C-469A-9B2D-2F6E915F55B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E452E4-45A9-4469-BF69-F40B6598F0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5751AC4-A60F-42C6-88E5-FC8CFEE6F696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48777A01-8F36-4752-8F7A-1D1686C69A33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42DA6A18-5AA1-4920-94C6-8D0BB73C5352\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"992EA5DE-5A5B-4782-8B5A-BDD8D6FB1E31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E51F0211-2D3E-4260-AD63-E83AE4EC4AF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C4E1245-C6BB-462C-9E27-C608595DAE3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"747F1324-AEFA-496F-9447-12CD13114F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795C3B17-687E-4F33-AA99-8FEC16F14693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B81A4DD-2ADE-4455-B517-5E4E0532D5A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BD589CC-666B-4FAA-BCF0-91C484BDDB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD622EE-A840-42E1-B6BF-4AA27D039B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900D6742-DE0F-45C5-A812-BF84088CB02A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"225CA94C-8C84-4FA6-95D0-160A0016FBFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D88ED3C4-64C5-44B2-9F23-E16087046C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FB31E5-190C-489A-AB30-910D2CC854F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF4A781A-4A41-466F-8426-10B40CF8BA1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED29B3F-456B-4767-8E59-8C19A3B7E1D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6316369-B54A-4E59-A022-E0610353B284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073C3CE0-E12D-4545-8460-5A1514271D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"670FAA25-A86F-4E04-A3A0-0B3FF6CF9C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E86E13B-EC92-47F3-94A9-DB515313011D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"980A6C7D-6175-4A44-8377-74AA7A9FD108\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C226902-04D9-4F32-866C-20225841ECF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6EDD210-6E7B-4BD8-96C2-2C22FEE7DE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"655DB612-AF49-4C17-AFB9-2E33EE8E0572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EE30F34-EE81-4E1E-BF9F-A7A36B78B897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F65DF2-2794-47B7-9676-CCF150683CC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6555D45B-D3B3-4455-AB1E-E513F9FB6139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FA5E262-7825-496F-AA72-0AD6DE6F3C78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C6C01B-4CED-4F37-A415-0603496C27DC\"}]}]}],\"references\":[{\"url\":\"http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21041\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21057\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21073\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21119\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21123\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21498\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21605\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22174\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1111\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:124\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_17_sr.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_42_kernel.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_47_kernel.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_49_kernel.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/27120\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0617.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/440300/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18992\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-319-2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2816\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27790\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/319-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047907.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21041\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21057\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21605\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22174\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0cb8f20d000c25118947fcafa81606300ced35f8%3Bhp=243a94af0427b2630fb85f489a5419410dac3bfc%3Bhb=18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3%3Bf=fs/proc/base.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_17_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_42_kernel.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_47_kernel.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_49_kernel.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/27120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0617.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/440300/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-319-2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10060\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/319-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This vulnerability does not affect Red Hat Enterprise Linux 2.1 or 3 as they are based on 2.4 kernels.\\n\\nThe exploit relies on the kernel supporting the a.out binary format. Red Hat Enterprise Linux 4, Fedora Core 4, and Fedora Core 5 do not support the a.out binary format, causing the exploit to fail. We are not currently\\naware of any way to exploit this vulnerability if a.out binary format is not enabled. In addition, a default installation of these OS enables SELinux in enforcing mode. SELinux also completely blocks attempts to exploit this issue.\\n\\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198973#c10\",\"lastModified\":\"2006-07-19T00:00:00\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.