CVE-2006-1524

Sažetak

madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.

Reference

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
http://lwn.net/Alerts/180820/
http://secunia.com/advisories/19657
http://secunia.com/advisories/19664
http://secunia.com/advisories/19735
http://secunia.com/advisories/20398
http://secunia.com/advisories/20671
http://secunia.com/advisories/20914
http://www.debian.org/security/2006/dsa-1097
http://www.debian.org/security/2006/dsa-1103
http://www.novell.com/linux/security/advisories/2006-05-31.html
http://www.osvdb.org/24714
http://www.securityfocus.com/bid/17587
http://www.vupen.com/english/advisories/2006/1391
http://www.vupen.com/english/advisories/2006/1475
http://www.vupen.com/english/advisories/2006/2554
https://exchange.xforce.ibmcloud.com/vulnerabilities/25870

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

19-04-2006 - 18:18