Secunia
Login
|
|
CVE Reference: CVE-2006-0457 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0457 |
|
|
Description: Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25354 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-263-1 SUSE http://www.novell.com/linux/security/advisories/2006-05-31.html SAID Secunia Advisory: SA19220 Secunia Advisory: SA21465 Secunia Advisory: SA20398 Secunia Advisory: SA22417 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0575.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9566 OSVDB 23894 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:059 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm BID 17084 |
|
| Return to the previous page. |
