CVE-2006-2448 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2448
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2448

Description: Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c).

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-311-1 TRUSTIX http://www.trustix.org/errata/2006/0037 SUSE http://www.novell.com/linux/security/advisories/2006_47_kernel.html http://www.novell.com/linux/security/advisories/2006_42_kernel.html SAID Secunia Advisory: SA20831 Secunia Advisory: SA20991 Secunia Advisory: SA20703 Secunia Advisory: SA21179 Secunia Advisory: SA21465 Secunia Advisory: SA22417 Secunia Advisory: SA21498 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0575.html CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7c85d1f9d358b24c5b05c3a2783a78423775a080 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.21 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/438168/100/0/threaded BID 18616

Return to the previous page.