PRIOn knowledge basePRION:CVE-2006-1524Code injection
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux_kernel | eq | 2.6.16.6 | |
| linux_kernel | eq | 2.6.16.4 | |
| linux_kernel | eq | 2.6.16.1 | |
| linux_kernel | eq | 2.6.16.3 | |
| linux_kernel | eq | 2.6.16 | |
| linux_kernel | eq | 2.6.16.2 | |
| linux_kernel | eq | 2.6.16.5 |
References
kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
lwn.net/Alerts/180820/
secunia.com/advisories/19657
secunia.com/advisories/19664
secunia.com/advisories/19735
secunia.com/advisories/20398
secunia.com/advisories/20671
secunia.com/advisories/20914
www.debian.org/security/2006/dsa-1097
www.debian.org/security/2006/dsa-1103
www.novell.com/linux/security/advisories/2006-05-31.html
www.osvdb.org/24714
www.securityfocus.com/bid/17587
www.vupen.com/english/advisories/2006/1391
www.vupen.com/english/advisories/2006/1475
www.vupen.com/english/advisories/2006/2554
exchange.xforce.ibmcloud.com/vulnerabilities/25870
Related
